authorThomas Lenz <tlenz@iaik.tugraz.at>2015-07-17 11:33:52 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2015-07-17 11:33:52 +0200
commit2a5dc4175eeb29331b1af83b0e03fa965d447533 (patch)
tree09231f884800b8513c44844aab605582e2aa100f /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config
parent9e62eee118784c8f42c60254944f23427751223e (diff)
parentebb9207bb7895ce59feb34d4d911ba9f0f0add9f (diff)
Merge branch 'new_key-value_solution' into moa-id-3.0.0-snapshot
Conflicts: id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java id/server/moa-id-commons/pom.xml id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java pom.xml
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java179
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java282
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationUtils.java28
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameter.java16
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameterForeign.java5
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameterMOASP.java5
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameterMandate.java5
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java42
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java148
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java2378
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java74
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/ConfigurationToJSONConverter.java155
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java94
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java796
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java1079
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java151
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/SAML1ConfigurationParameters.java276
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java18
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.java219
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/OAProxyParameter.java248
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationBuilder.java290
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java260
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java115
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/StorkAttribute.java27
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/StorkAttributeProviderPlugin.java81
25 files changed, 4162 insertions, 2809 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
index 24def1e02..5ec0a5bc6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
@@ -1,27 +1,5 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
/*
- * Copyright 2003 Federal Chancellery Austria
+ * Copyright 2014 Federal Chancellery Austria
* MOA-ID has been developed in a cooperation between BRZ, the Federal
* Chancellery Austria - ICT staff unit, and Graz University of Technology.
*
@@ -42,128 +20,47 @@
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
-
package at.gv.egovernment.moa.id.config;
-import java.math.BigInteger;
-import java.security.Principal;
-import java.security.cert.X509Certificate;
-import java.util.Map;
-
-import at.gv.egovernment.moa.id.data.IssuerAndSerial;
-
/**
- * Base class for <code>AuthConfigurationProvider</code> and <code>ProxyConfigurationProvider</code>,
- * providing functions common to both of them.
+ * @author tlenz
*
- * @author Paul Ivancsics
- * @version $Id$
*/
-public class ConfigurationProvider {
-
- /**
- * Constructor
- */
- public ConfigurationProvider() {
- super();
- }
-
- /**
- * The name of the system property which contains the file name of the
- * configuration file.
- */
- public static final String CONFIG_PROPERTY_NAME =
- "moa.id.configuration";
-
- /**
- * The name of the system property which contains the file name of the
- * configuration file.
- */
- public static final String PROXY_CONFIG_PROPERTY_NAME =
- "moa.id.proxy.configuration";
-
- /**
- * The name of the generic configuration property giving the certstore directory path.
- */
- public static final String DIRECTORY_CERTSTORE_PARAMETER_PROPERTY =
- "DirectoryCertStoreParameters.RootDir";
-
- /**
- * The name of the generic configuration property switching the ssl revocation checking on/off
- */
- public static final String TRUST_MANAGER_REVOCATION_CHECKING =
- "TrustManager.RevocationChecking";
-
-
- /**
- * A <code>Map</code> which contains generic configuration information. Maps a
- * configuration name (a <code>String</code>) to a configuration value (also a
- * <code>String</code>).
- */
- protected Map<String, String> genericConfiguration;
-
- /** The default chaining mode. */
- protected String defaultChainingMode;
-
- /**
- * A <code>Map</code> which contains the <code>IssuerAndSerial</code> to
- * chaining mode (a <code>String</code>) mapping.
- */
- protected Map<IssuerAndSerial, String> chainingModes;
-
- /**
- * the URL for the trusted CA Certificates
- */
- protected String trustedCACertificates;
-
- /**
- * main configuration file directory name used to configure MOA-ID
- */
- protected String rootConfigFileDir;
-
- protected String certstoreDirectory;
-
- protected boolean trustmanagerrevoationchecking = true;
-
- /**
- * Returns the main configuration file directory used to configure MOA-ID
- *
- * @return the directory
+public interface ConfigurationProvider {
+
+ /**
+ * The name of the system property which contains the file name of the
+ * configuration file.
+ */
+ public static final String CONFIG_PROPERTY_NAME =
+ "moa.id.configuration";
+
+ /**
+ * The name of the system property which contains the file name of the
+ * configuration file.
+ */
+ public static final String PROXY_CONFIG_PROPERTY_NAME =
+ "moa.id.proxy.configuration";
+
+ /**
+ * The name of the generic configuration property giving the certstore directory path.
+ */
+ public static final String DIRECTORY_CERTSTORE_PARAMETER_PROPERTY =
+ "DirectoryCertStoreParameters.RootDir";
+
+ /**
+ * The name of the generic configuration property switching the ssl revocation checking on/off
*/
- public String getRootConfigFileDir() {
- return rootConfigFileDir;
- }
-
- public String getDefaultChainingMode() {
- return defaultChainingMode;
- }
-
-
- /**
- * Returns the trustedCACertificates.
- * @return String
- */
- public String getTrustedCACertificates() {
-
- return trustedCACertificates;
- }
-
-/**
- * @return the certstoreDirectory
- */
-public String getCertstoreDirectory() {
- return certstoreDirectory;
-}
-
-/**
- * @return the trustmanagerrevoationchecking
- */
-public boolean isTrustmanagerrevoationchecking() {
- return trustmanagerrevoationchecking;
-}
-
-
-
-
+ public static final String TRUST_MANAGER_REVOCATION_CHECKING =
+ "TrustManager.RevocationChecking";
+
+ public String getRootConfigFileDir();
+
+ public String getDefaultChainingMode();
+
+ public String getTrustedCACertificates();
+
+ public String getCertstoreDirectory();
+
+ public boolean isTrustmanagerrevoationchecking();
}
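Review bot: The getters declared in the new interface have no Javadoc, while the class they replace documented `getRootConfigFileDir()` and `getTrustedCACertificates()`; callers now program against the interface, so the contract belongs here. For example, add `/** @return true if SSL certificate revocation checking is enabled */` on `isTrustmanagerrevoationchecking()` and `/** @return the URL of the trusted CA certificates */` on `getTrustedCACertificates()`. The misspelling in `isTrustmanagerrevoationchecking` becomes part of the public interface with this change, so this is the cheapest moment to correct it. The `public static final` on the constants and `public` on the methods are implied in an interface and can be dropped.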
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java
new file mode 100644
index 000000000..113e9cdda
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java
@@ -0,0 +1,282 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package at.gv.egovernment.moa.id.config;
+
+import java.util.Map;
+import java.util.Properties;
+
+import org.hibernate.cfg.Configuration;
+
+import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
+import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore;
+import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore;
+import at.gv.egovernment.moa.id.commons.db.dao.session.ExceptionStore;
+import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore;
+import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;
+import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore;
+import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog;
+import at.gv.egovernment.moa.id.data.IssuerAndSerial;
+import at.gv.egovernment.moa.id.process.dao.ProcessInstanceStore;
+import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.util.config.EgovUtilPropertiesConfiguration;
+
+
+/**
+ * Base class for <code>AuthConfigurationProvider</code> and <code>ProxyConfigurationProvider</code>,
+ * providing functions common to both of them.
+ *
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public abstract class ConfigurationProviderImpl implements ConfigurationProvider{
+
+ /**
+ * Constructor
+ */
+ public ConfigurationProviderImpl() {
+
+ super();
+ }
+
+ private EgovUtilPropertiesConfiguration eGovUtilsConfig = null;
+
+ /**
+ * The name of the system property which contains the file name of the
+ * configuration file.
+ */
+ public static final String CONFIG_PROPERTY_NAME =
+ "moa.id.configuration";
+
+ /**
+ * The name of the system property which contains the file name of the
+ * configuration file.
+ */
+ public static final String PROXY_CONFIG_PROPERTY_NAME =
+ "moa.id.proxy.configuration";
+
+ /**
+ * The name of the generic configuration property giving the certstore directory path.
+ */
+ public static final String DIRECTORY_CERTSTORE_PARAMETER_PROPERTY =
+ "DirectoryCertStoreParameters.RootDir";
+
+ /**
+ * The name of the generic configuration property switching the ssl revocation checking on/off
+ */
+ public static final String TRUST_MANAGER_REVOCATION_CHECKING =
+ "TrustManager.RevocationChecking";
+
+
+ /**
+ * A <code>Map</code> which contains generic configuration information. Maps a
+ * configuration name (a <code>String</code>) to a configuration value (also a
+ * <code>String</code>).
+ */
+ protected Map<String, String> genericConfiguration;
+
+ /** The default chaining mode. */
+ protected String defaultChainingMode;
+
+ /**
+ * A <code>Map</code> which contains the <code>IssuerAndSerial</code> to
+ * chaining mode (a <code>String</code>) mapping.
+ */
+ protected Map<IssuerAndSerial, String> chainingModes;
+
+ /**
+ * the URL for the trusted CA Certificates
+ */
+ protected String trustedCACertificates;
+
+ /**
+ * main configuration file directory name used to configure MOA-ID
+ */
+ protected String rootConfigFileDir;
+
+ protected String certstoreDirectory;
+
+ protected boolean trustmanagerrevoationchecking = true;
+
+ protected Properties configProp = null;
+
+ /**
+ * Returns the main configuration file directory used to configure MOA-ID
+ *
+ * @return the directory
+ */
+ public String getRootConfigFileDir() {
+ return rootConfigFileDir;
+ }
+
+
+ public String getDefaultChainingMode() {
+ return defaultChainingMode;
+ }
+
+ /**
+ * Get the DB configuration properties from MOA-ID-Auth configuration file
+ *
+ * @return
+ */
+ public Properties getDBConnectionConfiguration() {
+ return this.configProp;
+ }
+
+ /**
+ * @param properties
+ * @throws ConfigurationException
+ * @throws org.opensaml.xml.ConfigurationException
+ */
+ public void initial(Properties props) throws ConfigurationException, org.opensaml.xml.ConfigurationException {
+ //Initial Hibernate Framework
+ Logger.trace("Initializing Hibernate framework.");
+ try {
+ // read MOAID Session Hibernate properties
+ Properties moaSessionProp = new Properties();
+ for (Object key : props.keySet()) {
+ String propPrefix = "moasession.";
+ if (key.toString().startsWith(propPrefix+"hibernate")) {
+ String propertyName = key.toString().substring(propPrefix.length());
+ moaSessionProp.put(propertyName, props.get(key.toString()));
+ }
+ }
+
+ // read Config Hibernate properties
+ configProp = new Properties();
+ for (Object key : props.keySet()) {
+ String propPrefix = "configuration.";
+ if (key.toString().startsWith(propPrefix+"hibernate")) {
+ String propertyName = key.toString().substring(propPrefix.length());
+ configProp.put(propertyName, props.get(key.toString()));
+ }
+ }
+
+ // read advanced logging properties
+ Properties statisticProps = new Properties();
+ for (Object key : props.keySet()) {
+ String propPrefix = "advancedlogging.";
+ if (key.toString().startsWith(propPrefix+"hibernate")) {
+ String propertyName = key.toString().substring(propPrefix.length());
+ statisticProps.put(propertyName, props.get(key.toString()));
+ }
+ }
+
+ // initialize hibernate
+ synchronized (ConfigurationProviderImpl.class) {
+
+ //Initial config Database
+ // ConfigurationDBUtils.initHibernate(configProp);
+
+ //initial MOAID Session Database
+ Configuration config = new Configuration();
+ config.addAnnotatedClass(AssertionStore.class);
+ config.addAnnotatedClass(AuthenticatedSessionStore.class);
+ config.addAnnotatedClass(OASessionStore.class);
+ config.addAnnotatedClass(OldSSOSessionIDStore.class);
+ config.addAnnotatedClass(ExceptionStore.class);
+ config.addAnnotatedClass(InterfederationSessionStore.class);
+ config.addAnnotatedClass(ProcessInstanceStore.class);
+ config.addProperties(moaSessionProp);
+ MOASessionDBUtils.initHibernate(config, moaSessionProp);
+
+ //initial advanced logging
+ if (Boolean.valueOf(props.getProperty("configuration.advancedlogging.active", "false"))) {
+ Logger.info("Advanced statistic log is activated, starting initialization process ...");
+ Configuration statisticconfig = new Configuration();
+ statisticconfig.addAnnotatedClass(StatisticLog.class);
+ statisticconfig.addProperties(statisticProps);
+ StatisticLogDBUtils.initHibernate(statisticconfig, statisticProps);
+ Logger.info("Advanced statistic log is initialized.");
+ }
+
+ }
+ Logger.trace("Hibernate initialization finished.");
+
+ } catch (ExceptionInInitializerError e) {
+ throw new ConfigurationException("config.17", null, e);
+
+ } finally {
+
+
+ }
+
+
+ //Initialize OpenSAML for STORK
+ Logger.info("Starting initialization of OpenSAML...");
+ MOADefaultBootstrap.bootstrap();
+ //DefaultBootstrap.bootstrap();
+ Logger.debug("OpenSAML successfully initialized");
+
+
+ //read eGovUtils client configuration
+ Properties eGovUtilsConfigProp = new Properties();
+ for (Object key : props.keySet()) {
+ String propPrefix = "service.";
+ if (key.toString().startsWith(propPrefix+"egovutil")) {
+ String propertyName = key.toString().substring(propPrefix.length());
+ eGovUtilsConfigProp.put(propertyName, props.get(key.toString()));
+ }
+ }
+ if (!eGovUtilsConfigProp.isEmpty()) {
+ Logger.info("Start eGovUtils client implementation configuration ...");
+ eGovUtilsConfig =
+ new EgovUtilPropertiesConfiguration(eGovUtilsConfigProp, rootConfigFileDir);
+ }
+
+ }
+
+
+ /**
+ * @return the eGovUtilsConfig
+ */
+ public EgovUtilPropertiesConfiguration geteGovUtilsConfig() {
+ return eGovUtilsConfig;
+ }
+
+}
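Review bot: `getDBConnectionConfiguration()` returns the live `configProp` object that `initial()` fills from every `configuration.hibernate*` key, so any caller can modify the provider's state and read whatever those keys hold, presumably including the database user and password. Returning a copy keeps the settings private to this class, e.g. `Properties copy = new Properties(); if (configProp != null) copy.putAll(configProp); return copy;` (the field is null until `initial()` has run). The Javadoc, whose `@return` is empty, should say that the result may contain credentials and must not be logged. The four prefix-filter loops in `initial()` differ only in the prefix and the matched name, and would read better as one private helper.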
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationUtils.java
index 1a2136ebd..d36a4318a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationUtils.java
@@ -27,29 +27,23 @@ import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.List;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Base64Utils;
public class ConfigurationUtils {
- public static List<String> getTransformInfos(List<TransformsInfoType> transformations) {
+ public static List<String> getTransformInfos(String transform) {
List<String> list = new ArrayList<String>();
-
- for (TransformsInfoType e1 : transformations) {
-
- try {
- String transform = new String(e1.getTransformation(), "UTF-8");
- String encoded = new String(Base64Utils.decode(transform, false), "UTF-8");
- list.add(encoded);
-
- } catch (UnsupportedEncodingException e) {
- Logger.warn("Transformation can not be loaded. An encoding error ocurs", e);
-
- } catch (IOException e) {
- Logger.warn("Transformation can not be loaded from database.", e);
- }
- }
+ try {
+ String encoded = new String(Base64Utils.decode(transform, false), "UTF-8");
+ list.add(encoded);
+
+ } catch (UnsupportedEncodingException e) {
+ Logger.warn("Transformation can not be loaded. An encoding error ocurs", e);
+
+ } catch (IOException e) {
+ Logger.warn("Transformation can not be loaded from database.", e);
+ }
return list;
}
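Review bot: `getTransformInfos` passes `transform` straight to `Base64Utils.decode`, so a missing configuration value (null or empty) reaches the decoder unchecked; how `Base64Utils` reacts is not visible here. A guard such as `if (transform == null || transform.isEmpty()) { Logger.warn("No transformation configured."); return list; }` makes that case explicit. A decode failure is only logged, so the caller receives the same empty list for "no transform" and "corrupt transform"; if the result feeds signature transforms, a corrupt value should probably abort configuration loading instead. The second warning still says "from database" although the value now arrives as a plain string.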
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameter.java
index ccf2c5a57..e38a4f360 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameter.java
@@ -24,7 +24,7 @@ package at.gv.egovernment.moa.id.config;
import java.util.Properties;
-import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType;
+import at.gv.egovernment.moa.util.MiscUtil;
public abstract class ConnectionParameter implements ConnectionParameterInterface{
@@ -32,12 +32,12 @@ public abstract class ConnectionParameter implements ConnectionParameterInterfac
protected static final String PROP_IDENTIFIER_KEYSTOREPASSWORD = "clientKeyStorePassword";
protected static final String PROP_IDENTIFIER_ACCEPEDSERVERCERTS = "acceptedServerCertificates";
- protected ConnectionParameterClientAuthType database;
+ protected String url;
protected Properties prop;
protected String basedirectory;
- public ConnectionParameter(ConnectionParameterClientAuthType database, Properties prop, String basedirectory) {
- this.database = database;
+ public ConnectionParameter(String url, Properties prop, String basedirectory) {
+ this.url = url;
this.prop = prop;
this.basedirectory = basedirectory;
}
@@ -62,16 +62,16 @@ public abstract class ConnectionParameter implements ConnectionParameterInterfac
public boolean isHTTPSURL() {
- if (database==null)
+ if (MiscUtil.isEmpty(url))
return false;
else
- return database.getURL().indexOf("https") == 0;
+ return url.indexOf("https") == 0;
}
public String getUrl() {
- if (database == null)
+ if (MiscUtil.isEmpty(url))
return null;
else
- return database.getURL();
+ return url;
}
}
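Review bot: `isHTTPSURL()` still decides on `url.indexOf("https") == 0`, which is case-sensitive and does not require the `://` separator, so a configured `HTTPS://…` URL is reported as non-HTTPS and any string that merely begins with `https` is reported as HTTPS. If callers use this result to decide whether the TLS settings (key store, accepted server certificates) are applied, which is not visible here, a mis-cased URL would skip them. `return url.regionMatches(true, 0, "https://", 0, 8);` checks the full scheme without regard to case. The class body starts before this hunk.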
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameterForeign.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameterForeign.java
index a0b787ec5..27d72f515 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameterForeign.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameterForeign.java
@@ -24,16 +24,15 @@ package at.gv.egovernment.moa.id.config;
import java.util.Properties;
-import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType;
import at.gv.egovernment.moa.util.MiscUtil;
public class ConnectionParameterForeign extends ConnectionParameter{
private static final String MOASP_PROP_IDENTIFIER_PREFIX = "service.foreignidentities.";
- public ConnectionParameterForeign(ConnectionParameterClientAuthType database,
+ public ConnectionParameterForeign(String url,
Properties prop, String basedirectory) {
- super(database, prop, basedirectory);
+ super(url, prop, basedirectory);
}
public String getAcceptedServerCertificates() {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameterMOASP.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameterMOASP.java
index 3ba1ec6c3..a96b8a8ab 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameterMOASP.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameterMOASP.java
@@ -24,16 +24,15 @@ package at.gv.egovernment.moa.id.config;
import java.util.Properties;
-import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType;
import at.gv.egovernment.moa.util.MiscUtil;
public class ConnectionParameterMOASP extends ConnectionParameter{
private static final String MOASP_PROP_IDENTIFIER_PREFIX = "service.moasp.";
- public ConnectionParameterMOASP(ConnectionParameterClientAuthType database,
+ public ConnectionParameterMOASP(String url,
Properties prop, String basedirectory) {
- super(database, prop, basedirectory);
+ super(url, prop, basedirectory);
}
public String getAcceptedServerCertificates() {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameterMandate.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameterMandate.java
index f6ca392d1..c25d6826a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameterMandate.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConnectionParameterMandate.java
@@ -24,16 +24,15 @@ package at.gv.egovernment.moa.id.config;
import java.util.Properties;
-import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType;
import at.gv.egovernment.moa.util.MiscUtil;
public class ConnectionParameterMandate extends ConnectionParameter{
private static final String MOASP_PROP_IDENTIFIER_PREFIX = "service.onlinemandates.";
- public ConnectionParameterMandate(ConnectionParameterClientAuthType database,
+ public ConnectionParameterMandate(String url,
Properties prop, String basedirectory) {
- super(database, prop, basedirectory);
+ super(url, prop, basedirectory);
}
public String getAcceptedServerCertificates() {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java
index 828bf99ca..87e40c1b3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java
@@ -22,51 +22,25 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.config.auth;
-import java.util.Date;
-
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
-import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
import at.gv.egovernment.moa.logging.Logger;
public class AuthConfigLoader implements Runnable {
- private static final long INTERVAL = 60; // 60 sec
+ private static final long INTERVAL = 24 * 60 * 60; // 24 hours
public void run() {
while (true) {
try {
- Thread.sleep(INTERVAL * 1000);
-
- Logger.trace("check for new config.");
- MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
-
- if (moaidconfig != null) {
- Date dbdate = moaidconfig.getTimestampItem();
- Date pvprefresh = moaidconfig.getPvp2RefreshItem();
-
- Date date = AuthConfigurationProvider.getTimeStamp();
-
- if (dbdate != null && dbdate.after(date)) {
- AuthConfigurationProvider instance = AuthConfigurationProvider.getInstance();
- instance.reloadDataBaseConfig();
- }
+ Thread.sleep(INTERVAL * 1000);
+ Logger.trace("Check consistence of PVP2X metadata");
+ MOAMetadataProvider.reInitialize();
- Date pvpdate = MOAMetadataProvider.getTimeStamp();
- if (pvprefresh != null && pvpdate != null && pvprefresh.after(pvpdate)) {
- MOAMetadataProvider.reInitialize();
- }
-
- } else {
- Logger.warn("MOA-ID Configuration is actually not found. Reuse old configuration.");
-
- }
-
-
+
} catch (Throwable e) {
- Logger.warn("MOA-ID Configuration is actually not loadable. Reuse old configuration.", e);
+ Logger.warn("MOA-ID Configuration validation is not possible, actually. Reuse old configuration.", e);
} finally {
ConfigurationDBUtils.closeSession();
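Review bot: The `catch (Throwable e)` around the loop body also catches the `InterruptedException` from `Thread.sleep` and every `Error`, logs a warning and goes round again, so the thread cannot be stopped by interruption and a fatal error is reduced to one log line per cycle. Handle interruption first with `catch (InterruptedException e) { Thread.currentThread().interrupt(); return; }` and narrow the second clause to `Exception`. With the database timestamp check removed, this thread refreshes the PVP2X metadata only every 24 hours; if no other path calls `MOAMetadataProvider.reInitialize()`, a withdrawn metadata entry could stay in use for up to a day, which is worth stating in a comment next to `INTERVAL`. The `finally` block and the rest of `run()` continue past the end of the hunk.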
@@ -77,8 +51,8 @@ public class AuthConfigLoader implements Runnable {
public static void start() {
// start the session cleanup thread
- Thread configLoader = new Thread(new AuthConfigLoader(), "AuthConfigLoader");
- configLoader.setName("ConfigurationLoader");
+ Thread configLoader = new Thread(new AuthConfigLoader(), "ConfigurationChecker");
+ configLoader.setName("ConfigurationChecker");
configLoader.setDaemon(true);
configLoader.setPriority(Thread.MIN_PRIORITY);
configLoader.start();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java
new file mode 100644
index 000000000..e4072d0c5
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java
@@ -0,0 +1,148 @@
+package at.gv.egovernment.moa.id.config.auth;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.config.ConnectionParameter;
+import at.gv.egovernment.moa.id.config.auth.data.ProtocolAllowed;
+import at.gv.egovernment.moa.id.config.stork.STORKConfig;
+import at.gv.util.config.EgovUtilPropertiesConfiguration;
+
+public interface AuthConfiguration extends ConfigurationProvider{
+
+ public static final String DEFAULT_X509_CHAININGMODE = "pkix";
+
+ public Properties getGeneralPVP2ProperiesConfig();
+
+ public Properties getGeneralOAuth20ProperiesConfig();
+
+ public ProtocolAllowed getAllowedProtocols();
+
+ @Deprecated
+ public PVP2 getGeneralPVP2DBConfig();
+
+ public Map<String, String> getConfigurationWithPrefix(final String Prefix);
+
+ public String getConfigurationWithKey(final String key);
+
+ @Deprecated
+ public TimeOuts getTimeOuts() throws ConfigurationException;
+
+ public int getTransactionTimeOut();
+ public int getSSOCreatedTimeOut();
+ public int getSSOUpdatedTimeOut();
+
+ public String getAlternativeSourceID() throws ConfigurationException;
+
+ public List<String> getLegacyAllowedProtocols();
+
+ public OAAuthParameter getOnlineApplicationParameter(String oaURL);
+
+ public String getMoaSpAuthBlockTrustProfileID() throws ConfigurationException;
+
+ public List<String> getMoaSpAuthBlockVerifyTransformsInfoIDs() throws ConfigurationException;
+
+ public ConnectionParameter getMoaSpConnectionParameter() throws ConfigurationException;
+
+ public ConnectionParameter getForeignIDConnectionParameter() throws ConfigurationException;
+
+ public ConnectionParameter getOnlineMandatesConnectionParameter() throws ConfigurationException;
+
+ public String getMoaSpIdentityLinkTrustProfileID() throws ConfigurationException;
+
+ public List<String> getTransformsInfos() throws ConfigurationException;
+
+ public List<String> getIdentityLinkX509SubjectNames() throws ConfigurationException;
+
+ public List<String> getSLRequestTemplates() throws ConfigurationException;
+
+ public String getSLRequestTemplates(String type) throws ConfigurationException;
+
+ public List<String> getDefaultBKUURLs() throws ConfigurationException;
+
+ public String getDefaultBKUURL(String type) throws ConfigurationException;
+
+ public String getSSOTagetIdentifier() throws ConfigurationException;
+
+ public String getSSOFriendlyName();
+
+ public String getSSOSpecialText();
+
+ public String getMOASessionEncryptionKey();
+
+ public String getMOAConfigurationEncryptionKey();
+
+ public boolean isIdentityLinkResigning();
+
+ public String getIdentityLinkResigningKey();
+
+ public boolean isMonitoringActive();
+
+ public String getMonitoringTestIdentityLinkURL();
+
+ public String getMonitoringMessageSuccess();
+
+ public boolean isAdvancedLoggingActive();
+
+ public String getPublicURLPrefix();
+
+ public boolean isPVP2AssertionEncryptionActive();
+
+ public boolean isCertifiacteQCActive();
+
+ public STORKConfig getStorkConfig() throws ConfigurationException;
+
+ public EgovUtilPropertiesConfiguration geteGovUtilsConfig();
+
+ public String getDocumentServiceUrl();
+
+ /**
+ * Notify, if the STORK fake IdentityLink functionality is active
+ *
+ * @return true/false
+ */
+ public boolean isStorkFakeIdLActive();
+
+ /**
+ * Get a list of all STORK countries for which a faked IdentityLink should be created
+ *
+ * @return {List<String>} of country codes
+ */
+ public List<String> getStorkFakeIdLCountries();
+
+ /**
+ * Get a list of all STORK countries for which no signature is required
+ *
+ * @return {List<String>} of country codes
+ */
+ public List<String> getStorkNoSignatureCountries();
+
+ /**
+ * Get the MOA-SS key-group identifier for fake IdentityLink signing
+ *
+ * @return MOA-SS key-group identifier {String}
+ */
+ public String getStorkFakeIdLResigningKey();
+
+
+ /**
+ * Notify, if the PVP2x metadata schema validation is active
+ *
+ * @return true/false
+ */
+ public boolean isPVPSchemaValidationActive();
+
+ /**
+ * Get all configuration values with prefix and wildcard
+ *
+ * @param key: Search key. * and % can be used as wildcards
+ * @return Key/Value pairs {Map<String, String>}, which key maps the search key
+ */
+ Map<String, String> getConfigurationWithWildCard(String key);
+
+}
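Review bot: The security-relevant accessors in this new interface carry no contract: `getMOASessionEncryptionKey()`, `getMOAConfigurationEncryptionKey()` and `getIdentityLinkResigningKey()` have no Javadoc, and the switches `isPVP2AssertionEncryptionActive()`, `isCertifiacteQCActive()`, `isStorkFakeIdLActive()` and `getStorkNoSignatureCountries()` do not say what an implementation returns when the setting is absent. I would document the unset behaviour on each, for example `@return true only if explicitly enabled, false when the setting is missing` on `isStorkFakeIdLActive()`, and state on the key getters whether `null` is a legal return and that the value must not be logged. The generic lookups `getConfigurationWithPrefix` and `getConfigurationWithWildCard` should also say whether key material stored in the same key space can be returned through them; the implementation is not visible here, so this may already be excluded. The misspelled names `getGeneralPVP2ProperiesConfig`, `getSSOTagetIdentifier` and `isCertifiacteQCActive` become public API with this file and are cheapest to correct now.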
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index d33a9ea92..03f4a300a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -1,1167 +1,1221 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.config.auth;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.net.MalformedURLException;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Properties;
-
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.Unmarshaller;
-
-import org.hibernate.cfg.Configuration;
-
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
-import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
-import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils;
-import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
-import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes;
-import at.gv.egovernment.moa.id.commons.db.dao.config.Contact;
-import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs;
-import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
-import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
-import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners;
-import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed;
-import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
-import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates;
-import at.gv.egovernment.moa.id.commons.db.dao.config.Organization;
-import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2;
-import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SSO;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor;
-import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock;
-import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink;
-import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore;
-import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore;
-import at.gv.egovernment.moa.id.commons.db.dao.session.ExceptionStore;
-import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore;
-import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;
-import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore;
-import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.config.ConfigurationUtils;
-import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.ConnectionParameterForeign;
-import at.gv.egovernment.moa.id.config.ConnectionParameterMOASP;
-import at.gv.egovernment.moa.id.config.ConnectionParameterMandate;
-import at.gv.egovernment.moa.id.config.auth.data.ProtocolAllowed;
-import at.gv.egovernment.moa.id.config.legacy.BuildFromLegacyConfig;
-import at.gv.egovernment.moa.id.config.stork.STORKConfig;
-import at.gv.egovernment.moa.id.data.IssuerAndSerial;
-import at.gv.egovernment.moa.id.process.dao.ProcessInstanceStore;
-import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.MiscUtil;
-import at.gv.util.config.EgovUtilPropertiesConfiguration;
-
-/**
- * A class providing access to the Auth Part of the MOA-ID configuration data.
- *
- * <p>Configuration data is read from an XML file, whose location is given by
- * the <code>moa.id.configuration</code> system property.</p>
- * <p>This class implements the Singleton pattern. The <code>reload()</code>
- * method can be used to update the configuration data. Therefore, it is not
- * guaranteed that consecutive calls to <code>getInstance()</code> will return
- * the same <code>AuthConfigurationProvider</code> all the time. During the
- * processing of a web service request, the current
- * <code>TransactionContext</code> should be used to obtain the
- * <code>AuthConfigurationProvider</code> local to that request.</p>
- *
- * @author Patrick Peck
- * @author Stefan Knirsch
- *
- * @version $Id$
- */
-public class AuthConfigurationProvider extends ConfigurationProvider {
-
-// /** DEFAULT_ENCODING is "UTF-8" */
-// private static final String DEFAULT_ENCODING="UTF-8";
- /**
- * The name of the generic configuration property giving the authentication session time out.
- */
- public static final String AUTH_SESSION_TIMEOUT_PROPERTY =
- "AuthenticationSession.TimeOut";
- /**
- * The name of the generic configuration property giving the authentication data time out.
- */
- public static final String AUTH_DATA_TIMEOUT_PROPERTY =
- "AuthenticationData.TimeOut";
-
- /**
- * BKUSelectionType HTMLComplete, according to schema type <code>BKUSelectionType</code>
- */
- public static final String BKU_SELECTION_TYPE_HTMLCOMPLETE =
- "HTMLComplete";
-
- /**
- * BKUSelectionType HTMLSelect, according to schema type <code>BKUSelectionType</code>
- */
- public static final String BKU_SELECTION_TYPE_HTMLSELECT =
- "HTMLSelect";
-
- /**
- * The name of the generic configuration property allowing https connection to
- * the user frontend servlets ("StartAuthentication" and "SelectBKU" servlets)
- */
- public static final String FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY =
- "FrontendServlets.EnableHTTPConnection";
-
- /**
- * The name of the generic configuration property allowing to set a individual
- * DATA URL used to communicate with the BKU (SecurityLayer)
- */
- public static final String INDIVIDUAL_DATA_URL_PREFIX =
- "FrontendServlets.DataURLPrefix";
-
- /** Singleton instance. <code>null</code>, if none has been created. */
- private static AuthConfigurationProvider instance;
-
- //
- // configuration data
- //
- private static MOAIDConfiguration moaidconfig = null;
-
- private static Properties props = null;
-
- private static STORKConfig storkconfig = null;
-
- private static TimeOuts timeouts = null;
-
- private static PVP2 pvp2general = null;
-
- private static String alternativesourceid = null;
-
- private static List<String> legacyallowedprotocols = new ArrayList<String>();
- private static ProtocolAllowed allowedProtcols = null;
-
- private static VerifyAuthBlock verifyidl = null;
-
- private static ConnectionParameter MoaSpConnectionParameter = null;
- private static ConnectionParameter ForeignIDConnectionParameter = null;
- private static ConnectionParameter OnlineMandatesConnectionParameter = null;
-
- private static String MoaSpIdentityLinkTrustProfileID = null;
-
- private static List<String> TransformsInfos = null;
- private static List<String> IdentityLinkX509SubjectNames = new ArrayList<String>();
-
- private static Map<String, String> SLRequestTemplates = new HashMap<String, String>();
- private static Map<String, String> DefaultBKUURLs = new HashMap<String, String>();
-
- private static SSO ssoconfig = null;
-
- private EgovUtilPropertiesConfiguration eGovUtilsConfig = null;
-
- private static Date date = null;
-
- private String publicURLPreFix = null;
-
- /**
- * Return the single instance of configuration data.
- *
- * @return AuthConfigurationProvider The current configuration data.
- * @throws ConfigurationException
- */
- public static synchronized AuthConfigurationProvider getInstance()
- throws ConfigurationException {
-
- if (instance == null) {
- reload();
- }
- return instance;
- }
-
- public static Date getTimeStamp() {
- return date;
- }
-
- /**
- * Reload the configuration data and set it if successful.
- *
- * @return AuthConfigurationProvider The loaded configuration data.
- * @throws ConfigurationException Failure to load the configuration data.
- */
- public static synchronized AuthConfigurationProvider reload()
- throws ConfigurationException {
- String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME);
- if (fileName == null) {
- throw new ConfigurationException("config.01", null);
- }
- Logger.info("Loading MOA-ID-AUTH configuration " + fileName);
-
- instance = new AuthConfigurationProvider(fileName);
- return instance;
- }
-
-
- /**
- * Constructor for AuthConfigurationProvider.
- * @param fileName
- * @throws ConfigurationException
- */
- public AuthConfigurationProvider(String fileName)
- throws ConfigurationException {
-
- load(fileName);
- }
-
- /**
- * Load the configuration data from XML file with the given name and build
- * the internal data structures representing the MOA ID configuration.
- *
- * @param fileName The name of the XML file to load.
- * @throws ConfigurationException The MOA configuration could not be
- * read/built.
- */
- private void load(String fileName) throws ConfigurationException {
-
- try {
- //Initial Hibernate Framework
- Logger.trace("Initializing Hibernate framework.");
-
- //Load MOAID-2.0 properties file
- File propertiesFile = new File(fileName);
- FileInputStream fis = null;
- props = new Properties();
-
- // determine the directory of the root config file
- rootConfigFileDir = new File(fileName).getParent();
-
- try {
- rootConfigFileDir = new File(rootConfigFileDir).toURL().toString();
-
- } catch (MalformedURLException t) {
- throw new ConfigurationException("config.03", null, t);
- }
-
- try {
- fis = new FileInputStream(propertiesFile);
- props.load(fis);
-
- // read MOAID Session Hibernate properties
- Properties moaSessionProp = new Properties();
- for (Object key : props.keySet()) {
- String propPrefix = "moasession.";
- if (key.toString().startsWith(propPrefix+"hibernate")) {
- String propertyName = key.toString().substring(propPrefix.length());
- moaSessionProp.put(propertyName, props.get(key.toString()));
- }
- }
-
- // read Config Hibernate properties
- Properties configProp = new Properties();
- for (Object key : props.keySet()) {
- String propPrefix = "configuration.";
- if (key.toString().startsWith(propPrefix+"hibernate")) {
- String propertyName = key.toString().substring(propPrefix.length());
- configProp.put(propertyName, props.get(key.toString()));
- }
- }
-
- // read advanced logging properties
- Properties statisticProps = new Properties();
- for (Object key : props.keySet()) {
- String propPrefix = "advancedlogging.";
- if (key.toString().startsWith(propPrefix+"hibernate")) {
- String propertyName = key.toString().substring(propPrefix.length());
- statisticProps.put(propertyName, props.get(key.toString()));
- }
- }
-
- // initialize hibernate
- synchronized (AuthConfigurationProvider.class) {
-
- //Initial config Database
- ConfigurationDBUtils.initHibernate(configProp);
-
- //initial MOAID Session Database
- Configuration config = new Configuration();
- config.addAnnotatedClass(AssertionStore.class);
- config.addAnnotatedClass(AuthenticatedSessionStore.class);
- config.addAnnotatedClass(OASessionStore.class);
- config.addAnnotatedClass(OldSSOSessionIDStore.class);
- config.addAnnotatedClass(ExceptionStore.class);
- config.addAnnotatedClass(InterfederationSessionStore.class);
- config.addAnnotatedClass(ProcessInstanceStore.class);
- config.addProperties(moaSessionProp);
- MOASessionDBUtils.initHibernate(config, moaSessionProp);
-
- //initial advanced logging
- if (isAdvancedLoggingActive()) {
- Logger.info("Advanced statistic log is activated, starting initialization process ...");
- Configuration statisticconfig = new Configuration();
- statisticconfig.addAnnotatedClass(StatisticLog.class);
- statisticconfig.addProperties(statisticProps);
- StatisticLogDBUtils.initHibernate(statisticconfig, statisticProps);
- Logger.info("Advanced statistic log is initialized.");
- }
-
- }
- Logger.trace("Hibernate initialization finished.");
-
- } catch (FileNotFoundException e) {
- throw new ConfigurationException("config.03", null, e);
-
- } catch (IOException e) {
- throw new ConfigurationException("config.03", null, e);
-
- } catch (ExceptionInInitializerError e) {
- throw new ConfigurationException("config.17", null, e);
-
- } finally {
- if (fis != null)
- fis.close();
-
- }
-
-
- //Initialize OpenSAML for STORK
- Logger.info("Starting initialization of OpenSAML...");
- MOADefaultBootstrap.bootstrap();
- //DefaultBootstrap.bootstrap();
- Logger.debug("OpenSAML successfully initialized");
-
-
- String legacyconfig = props.getProperty("configuration.xml.legacy");
- String xmlconfig = props.getProperty("configuration.xml");
-// String xmlconfigout = props.getProperty("configuration.xml.out");
-
-
- //configure eGovUtils client implementations
-
- //read eGovUtils client configuration
- Properties eGovUtilsConfigProp = new Properties();
- for (Object key : props.keySet()) {
- String propPrefix = "service.";
- if (key.toString().startsWith(propPrefix+"egovutil")) {
- String propertyName = key.toString().substring(propPrefix.length());
- eGovUtilsConfigProp.put(propertyName, props.get(key.toString()));
- }
- }
- if (!eGovUtilsConfigProp.isEmpty()) {
- Logger.info("Start eGovUtils client implementation configuration ...");
- eGovUtilsConfig =
- new EgovUtilPropertiesConfiguration(eGovUtilsConfigProp, rootConfigFileDir);
- }
-
-
- //check if XML config should be used
- if (MiscUtil.isNotEmpty(legacyconfig) || MiscUtil.isNotEmpty(xmlconfig)) {
- Logger.warn("WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!");
- moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
- if (moaidconfig != null)
- ConfigurationDBUtils.delete(moaidconfig);
-
- List<OnlineApplication> oas = ConfigurationDBRead.getAllOnlineApplications();
- if (oas != null && oas.size() > 0) {
- for (OnlineApplication oa : oas)
- ConfigurationDBUtils.delete(oa);
- }
- }
-
- //load legacy config if it is configured
- if (MiscUtil.isNotEmpty(legacyconfig)) {
- Logger.warn("WARNING! MOA-ID 2.0 is started with legacy configuration. This setup is not recommended!");
-
- MOAIDConfiguration moaconfig = BuildFromLegacyConfig.build(new File(legacyconfig), rootConfigFileDir, null);
-
- List<OnlineApplication> oas = moaconfig.getOnlineApplication();
- for (OnlineApplication oa : oas)
- ConfigurationDBUtils.save(oa);
-
- moaconfig.setOnlineApplication(null);
- ConfigurationDBUtils.save(moaconfig);
-
- Logger.info("Legacy Configuration load is completed.");
-
-
- }
-
- //load MOA-ID 2.x config from XML
- if (MiscUtil.isNotEmpty(xmlconfig)) {
- Logger.warn("Load configuration from MOA-ID 2.x XML configuration");
-
- try {
- JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config");
- Unmarshaller m = jc.createUnmarshaller();
- File file = new File(xmlconfig);
- MOAIDConfiguration moaconfig = (MOAIDConfiguration) m.unmarshal(file);
- //ConfigurationDBUtils.save(moaconfig);
-
- List<OnlineApplication> importoas = moaconfig.getOnlineApplication();
- for (OnlineApplication importoa : importoas) {
- ConfigurationDBUtils.saveOrUpdate(importoa);
- }
-
- moaconfig.setOnlineApplication(null);
- ConfigurationDBUtils.saveOrUpdate(moaconfig);
-
- } catch (Exception e) {
- Logger.warn("MOA-ID XML configuration can not be loaded from File.", e);
- throw new ConfigurationException("config.02", null);
- }
- Logger.info("XML Configuration load is completed.");
- }
-
- reloadDataBaseConfig();
-
-
- } catch (Throwable t) {
- throw new ConfigurationException("config.02", null, t);
- }
- }
-
- public synchronized void reloadDataBaseConfig() throws ConfigurationException {
-
- Logger.info("Read MOA-ID 2.0 configuration from database.");
- moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
- Logger.info("MOA-ID 2.0 is loaded.");
-
- if (moaidconfig == null) {
- Logger.warn("NO MOA-ID configuration found.");
- throw new ConfigurationException("config.18", null);
- }
-
- //build STORK Config
- AuthComponentGeneral auth = getAuthComponentGeneral();
- ForeignIdentities foreign = auth.getForeignIdentities();
- if (foreign == null ) {
- Logger.warn("Error in MOA-ID Configuration. No STORK configuration found.");
- } else
- storkconfig = new STORKConfig(foreign.getSTORK(), props, rootConfigFileDir);
-
- //load Chaining modes
- ChainingModes cm = moaidconfig.getChainingModes();
- if (cm != null) {
- defaultChainingMode = cm.getSystemDefaultMode().value();
-
- List<TrustAnchor> tas = cm.getTrustAnchor();
-
- chainingModes = new HashMap<IssuerAndSerial, String>();
- for (TrustAnchor ta : tas) {
- IssuerAndSerial is = new IssuerAndSerial(ta.getX509IssuerName(), ta.getX509SerialNumber());
- chainingModes.put(is, ta.getMode().value());
- }
- } else {
- Logger.warn("Error in MOA-ID Configuration. No ChainingMode configuration found.");
- throw new ConfigurationException("config.02", null);
- }
-
- //set Trusted CA certs directory
- trustedCACertificates = rootConfigFileDir + moaidconfig.getTrustedCACertificates();
-
- //set CertStoreDirectory
- setCertStoreDirectory();
-
- //set TrustManagerRevocationChecking
- setTrustManagerRevocationChecking();
-
- //set default timeouts
- timeouts = new TimeOuts();
- timeouts.setAssertion(new BigInteger("300"));
- timeouts.setMOASessionCreated(new BigInteger("2700"));
- timeouts.setMOASessionUpdated(new BigInteger("1200"));
-
- //search timeouts in config
- if (auth.getGeneralConfiguration() != null) {
- if (auth.getGeneralConfiguration().getTimeOuts() != null) {
- if (auth.getGeneralConfiguration().getTimeOuts().getAssertion() != null)
- timeouts.setAssertion(auth.getGeneralConfiguration().getTimeOuts().getAssertion());
-
- if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated() != null)
- timeouts.setMOASessionCreated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated());
-
- if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated() != null)
- timeouts.setMOASessionUpdated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated());
-
- } else {
- Logger.info("No TimeOuts defined. Use default values");
- }
- }
-
- // sets the authentication session and authentication data time outs
- AuthenticationServer.getInstance()
- .setSecondsSessionTimeOutCreated(timeouts.getMOASessionCreated().longValue());
-
- AuthenticationServer.getInstance()
- .setSecondsSessionTimeOutUpdated(timeouts.getMOASessionUpdated().longValue());
-
- AuthenticationServer.getInstance()
- .setSecondsAuthDataTimeOut(timeouts.getAssertion().longValue());
-
-
-
- //set PVP2 general config
- Protocols protocols = auth.getProtocols();
- if (protocols != null) {
-
- allowedProtcols = new ProtocolAllowed();
-
- if (protocols.getSAML1() != null) {
- allowedProtcols.setSAML1Active(protocols.getSAML1().isIsActive());
-
- //load alternative sourceID
- if (MiscUtil.isNotEmpty(protocols.getSAML1().getSourceID()))
- alternativesourceid = protocols.getSAML1().getSourceID();
-
- }
-
- if (protocols.getOAuth() != null) {
- allowedProtcols.setOAUTHActive(protocols.getOAuth().isIsActive());
- }
-
- if (protocols.getPVP2() != null) {
- PVP2 el = protocols.getPVP2();
-
- allowedProtcols.setPVP21Active(el.isIsActive());
-
- pvp2general = new PVP2();
- pvp2general.setIssuerName(el.getIssuerName());
- pvp2general.setPublicURLPrefix(el.getPublicURLPrefix());
-
- if (el.getOrganization() != null) {
- Organization org = new Organization();
- pvp2general.setOrganization(org);
- org.setDisplayName(el.getOrganization().getDisplayName());
- org.setName(el.getOrganization().getName());
- org.setURL(el.getOrganization().getURL());
- }
-
- if (el.getContact() != null) {
- List<Contact> cont = new ArrayList<Contact>();
- pvp2general.setContact(cont);
- for (Contact e : el.getContact()) {
- Contact c = new Contact();
- c.setCompany(e.getCompany());
- c.setGivenName(e.getGivenName());
- c.getMail().addAll(e.getMail());
- c.getPhone().addAll(e.getPhone());
- c.setSurName(e.getSurName());
- c.setType(e.getType());
- cont.add(c);
- }
- }
- }
- } else {
- Logger.warn("Error in MOA-ID Configuration. No general Protcol configuration found.");
- }
-
- //set alternativeSourceID
- if (auth.getGeneralConfiguration() != null) {
-
- //TODO: can be removed in a further version, because it is moved to SAML1 config
- if (MiscUtil.isEmpty(alternativesourceid))
- alternativesourceid = auth.getGeneralConfiguration().getAlternativeSourceID();
-
- if (MiscUtil.isNotEmpty(auth.getGeneralConfiguration().getPublicURLPreFix()))
- publicURLPreFix = auth.getGeneralConfiguration().getPublicURLPreFix();
-
- else {
- Logger.error("No Public URL Prefix configured.");
- throw new ConfigurationException("config.05", new Object[]{"Public URL Prefix"});
- }
-
- } else {
- Logger.warn("Error in MOA-ID Configuration. No GeneralConfig defined.");
- throw new ConfigurationException("config.02", null);
- }
-
- //set LegacyAllowedProtocols
- try {
- if (auth.getProtocols() != null) {
- Protocols procols = auth.getProtocols();
- if (procols.getLegacyAllowed() != null) {
- LegacyAllowed legacy = procols.getLegacyAllowed();
- legacyallowedprotocols = new ArrayList<String>(legacy.getProtocolName());
- }
- }
- } catch (Exception e) {
- Logger.info("No protocols found with legacy allowed flag!");
- }
-
- //set VerifyAuthBlockConfig
- MOASP moasp = getMOASPConfig(auth);
-
- VerifyAuthBlock el = moasp.getVerifyAuthBlock();
- if (el != null) {
- verifyidl = new VerifyAuthBlock();
- verifyidl.setTrustProfileID(el.getTrustProfileID());
- verifyidl.setVerifyTransformsInfoProfileID(new ArrayList<String>(el.getVerifyTransformsInfoProfileID()));
- }
- else {
- Logger.warn("Error in MOA-ID Configuration. No Trustprofile for AuthBlock validation.");
- throw new ConfigurationException("config.02", null);
- }
-
- //set MOASP connection parameters
- if (moasp.getConnectionParameter() != null)
- MoaSpConnectionParameter = new ConnectionParameterMOASP(moasp.getConnectionParameter(), props, this.rootConfigFileDir);
- else
- MoaSpConnectionParameter = null;
-
- //set ForeignIDConnectionParameters
- if (foreign != null) {
- ForeignIDConnectionParameter = new ConnectionParameterForeign(foreign.getConnectionParameter(), props, this.rootConfigFileDir);
- } else {
- Logger.warn("Error in MOA-ID Configuration. No Connectionconfiguration to SZRGW Service found");
- }
-
- //set OnlineMandateConnectionParameters
- OnlineMandates ovs = auth.getOnlineMandates();
- if (ovs != null) {
- OnlineMandatesConnectionParameter = new ConnectionParameterMandate(ovs.getConnectionParameter(), props, this.rootConfigFileDir);
-
- } else {
- Logger.warn("Error in MOA-ID Configuration. No Connectionconfiguration to OVS Service found");
- }
-
- //set MOASP IdentityLink Trust-ProfileID
- VerifyIdentityLink verifyidl = moasp.getVerifyIdentityLink();
- if (verifyidl != null)
- MoaSpIdentityLinkTrustProfileID = verifyidl.getTrustProfileID();
- else {
- Logger.warn("Error in MOA-ID Configuration. No Trustprofile for IdentityLink validation.");
- throw new ConfigurationException("config.02", null);
- }
-
- //set SL transformation infos
- SecurityLayer seclayer = auth.getSecurityLayer();
- if (seclayer == null) {
- Logger.warn("Error in MOA-ID Configuration. No generalAuthConfiguration->SecurityLayer found");
- throw new ConfigurationException("config.02", null);
- } else {
- TransformsInfos = ConfigurationUtils.getTransformInfos(seclayer.getTransformsInfo());
-
- if (TransformsInfos == null || TransformsInfos.size() == 0) {
- Logger.error("No Security-Layer Transformation found.");
- throw new ConfigurationException("config.05", new Object[]{"Security-Layer Transformation"});
- }
-
- }
-
- //set IdentityLinkSignerSubjectNames
- IdentityLinkX509SubjectNames = new ArrayList<String>();
- IdentityLinkSigners idlsigners = auth.getIdentityLinkSigners();
- if (idlsigners != null) {
- Logger.debug("Load own IdentityLinkX509SubjectNames");
- IdentityLinkX509SubjectNames.addAll(new ArrayList<String>(idlsigners.getX509SubjectName()));
- }
-
- // now add the default identity link signers
- String[] identityLinkSignersWithoutOID = MOAIDAuthConstants.IDENTITY_LINK_SIGNERS_WITHOUT_OID;
- for (int i=0; i<identityLinkSignersWithoutOID.length; i++) {
- String identityLinkSigner = identityLinkSignersWithoutOID[i];
- if (!IdentityLinkX509SubjectNames.contains(identityLinkSigner)) {
- IdentityLinkX509SubjectNames.add(identityLinkSigner);
- }
- }
-
- //set SLRequestTemplates
- SLRequestTemplates templ = moaidconfig.getSLRequestTemplates();
- if (templ == null) {
- Logger.warn("Error in MOA-ID Configuration. No SLRequestTemplates found");
- throw new ConfigurationException("config.02", null);
- } else {
- SLRequestTemplates.put(IOAAuthParameters.ONLINEBKU, templ.getOnlineBKU());
- SLRequestTemplates.put(IOAAuthParameters.LOCALBKU, templ.getLocalBKU());
- SLRequestTemplates.put(IOAAuthParameters.HANDYBKU, templ.getHandyBKU());
- }
-
- //set Default BKU URLS
- DefaultBKUs bkuuls = moaidconfig.getDefaultBKUs();
- if (bkuuls != null) {
- DefaultBKUURLs.put(IOAAuthParameters.ONLINEBKU, bkuuls.getOnlineBKU());
- DefaultBKUURLs.put(IOAAuthParameters.LOCALBKU, bkuuls.getLocalBKU());
- DefaultBKUURLs.put(IOAAuthParameters.HANDYBKU, bkuuls.getHandyBKU());
- }
-
- //set SSO Config
- if (auth.getSSO()!= null) {
- ssoconfig = new SSO();
- ssoconfig.setFriendlyName(auth.getSSO().getFriendlyName());
- ssoconfig.setPublicURL(auth.getSSO().getPublicURL());
- ssoconfig.setSpecialText(auth.getSSO().getSpecialText());
- ssoconfig.setTarget(auth.getSSO().getTarget());
-
- if (auth.getSSO().getIdentificationNumber() != null) {
- IdentificationNumber value = new IdentificationNumber();
- value.setType(auth.getSSO().getIdentificationNumber().getType());
- value.setValue(auth.getSSO().getIdentificationNumber().getValue());
- ssoconfig.setIdentificationNumber(value);
- }
- } else {
- Logger.warn("Error in MOA-ID Configuration. No Single Sign-On Config found");
- }
-
- //close Database
- ConfigurationDBUtils.closeSession();
-
- date = new Date();
- }
-
-
- private Properties getGeneralProperiesConfig(final String propPrefix) {
- Properties configProp = new Properties();
- for (Object key : props.keySet()) {
- if (key.toString().startsWith(propPrefix)) {
- String propertyName = key.toString().substring(propPrefix.length());
- configProp.put(propertyName, props.get(key.toString()));
- }
- }
- return configProp;
- }
-
- public Properties getGeneralPVP2ProperiesConfig() {
- return this.getGeneralProperiesConfig("protocols.pvp2.");
- }
-
- public Properties getGeneralOAuth20ProperiesConfig() {
- return this.getGeneralProperiesConfig("protocols.oauth20.");
- }
-
- public ProtocolAllowed getAllowedProtocols() {
- return allowedProtcols;
- }
-
- public PVP2 getGeneralPVP2DBConfig() {
- return pvp2general;
- }
-
- public TimeOuts getTimeOuts() throws ConfigurationException {
- return timeouts;
- }
-
- public String getAlternativeSourceID() throws ConfigurationException {
- return alternativesourceid;
- }
-
- public List<String> getLegacyAllowedProtocols() {
- return legacyallowedprotocols;
- }
-
-
- /**
- * Provides configuration information regarding the online application behind
- * the given URL, relevant to the MOA-ID Auth component.
- *
- * @param oaURL URL requested for an online application
- * @return an <code>OAAuthParameter</code>, or <code>null</code>
- * if none is applicable
- */
- public OAAuthParameter getOnlineApplicationParameter(String oaURL) {
-
- OnlineApplication oa = ConfigurationDBRead.getActiveOnlineApplication(oaURL);
-
- if (oa == null) {
- Logger.warn("Online application with identifier " + oaURL + " is not found.");
- return null;
- }
-
- return new OAAuthParameter(oa);
- }
-
-
- /**
- * Return a string with a url-reference to the VerifyAuthBlock trust
- * profile id within the moa-sp part of the authentication component
- *
- * @return String with a url-reference to the VerifyAuthBlock trust profile ID
- * @throws ConfigurationException
- */
- public String getMoaSpAuthBlockTrustProfileID() throws ConfigurationException {
- return verifyidl.getTrustProfileID();
- }
-
- /**
- * Return a string array with references to all verify transform info
- * IDs within the moa-sp part of the authentication component
- * @return A string array containing all urls to the
- * verify transform info IDs
- * @throws ConfigurationException
- */
- public List<String> getMoaSpAuthBlockVerifyTransformsInfoIDs() throws ConfigurationException {
- return verifyidl.getVerifyTransformsInfoProfileID();
- }
-
- /**
- * Return a ConnectionParameter bean containing all information
- * of the authentication component moa-sp element
- * @return ConnectionParameter of the authentication component moa-sp element
- * @throws ConfigurationException
- */
- public ConnectionParameter getMoaSpConnectionParameter() throws ConfigurationException {
- return MoaSpConnectionParameter;
- }
-
- /**
- * Return a ConnectionParameter bean containing all information
- * of the authentication component foreigid element
- * @return ConnectionParameter of the authentication component foreignid element
- * @throws ConfigurationException
- */
- public ConnectionParameter getForeignIDConnectionParameter() throws ConfigurationException {
- return ForeignIDConnectionParameter;
- }
-
- /**
- * Return a ConnectionParameter bean containing all information
- * of the authentication component OnlineMandates element
- * @return ConnectionParameter of the authentication component OnlineMandates element
- * @throws ConfigurationException
- */
- public ConnectionParameter getOnlineMandatesConnectionParameter() throws ConfigurationException {
- return OnlineMandatesConnectionParameter;
- }
-
- /**
- * Return a string with a url-reference to the VerifyIdentityLink trust
- * profile id within the moa-sp part of the authentication component
- * @return String with a url-reference to the VerifyIdentityLink trust profile ID
- * @throws ConfigurationException
- */
- public String getMoaSpIdentityLinkTrustProfileID() throws ConfigurationException {
- return MoaSpIdentityLinkTrustProfileID;
- }
-
- /**
- * Returns the transformsInfos.
- * @return String[]
- * @throws ConfigurationException
- */
- public List<String> getTransformsInfos() throws ConfigurationException {
- return TransformsInfos;
- }
-
- /**
- * Returns the identityLinkX509SubjectNames.
- * @return List
- * @throws ConfigurationException
- */
- public List<String> getIdentityLinkX509SubjectNames() throws ConfigurationException {
- return IdentityLinkX509SubjectNames;
- }
-
- public List<String> getSLRequestTemplates() throws ConfigurationException {
- return new ArrayList<String>(SLRequestTemplates.values());
- }
-
- public String getSLRequestTemplates(String type) throws ConfigurationException {
- String el = SLRequestTemplates.get(type);
- if (MiscUtil.isNotEmpty(el))
- return el;
- else {
- Logger.warn("getSLRequestTemplates: BKU Type does not match: "
- + IOAAuthParameters.ONLINEBKU + " or " + IOAAuthParameters.HANDYBKU + " or " + IOAAuthParameters.LOCALBKU);
- return null;
- }
- }
-
- public List<String> getDefaultBKUURLs() throws ConfigurationException {
- return new ArrayList<String>(DefaultBKUURLs.values());
- }
-
- public String getDefaultBKUURL(String type) throws ConfigurationException {
- String el = DefaultBKUURLs.get(type);
- if (MiscUtil.isNotEmpty(el))
- return el;
- else {
- Logger.warn("getSLRequestTemplates: BKU Type does not match: "
- + IOAAuthParameters.ONLINEBKU + " or " + IOAAuthParameters.HANDYBKU + " or " + IOAAuthParameters.LOCALBKU);
- return null;
- }
- }
-
-// public boolean isSSOBusinessService() throws ConfigurationException {
+///*******************************************************************************
+// * Copyright 2014 Federal Chancellery Austria
+// * MOA-ID has been developed in a cooperation between BRZ, the Federal
+// * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+// *
+// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+// * the European Commission - subsequent versions of the EUPL (the "Licence");
+// * You may not use this work except in compliance with the Licence.
+// * You may obtain a copy of the Licence at:
+// * http://www.osor.eu/eupl/
+// *
+// * Unless required by applicable law or agreed to in writing, software
+// * distributed under the Licence is distributed on an "AS IS" basis,
+// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// * See the Licence for the specific language governing permissions and
+// * limitations under the Licence.
+// *
+// * This product combines work with different licenses. See the "NOTICE" text
+// * file for details on the various modules and licenses.
+// * The "NOTICE" text file is part of the distribution. Any derivative works
+// * that you distribute must include a readable copy of the "NOTICE" text file.
+// ******************************************************************************/
+///*
+// * Copyright 2003 Federal Chancellery Austria
+// * MOA-ID has been developed in a cooperation between BRZ, the Federal
+// * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+// *
+// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+// * the European Commission - subsequent versions of the EUPL (the "Licence");
+// * You may not use this work except in compliance with the Licence.
+// * You may obtain a copy of the Licence at:
+// * http://www.osor.eu/eupl/
+// *
+// * Unless required by applicable law or agreed to in writing, software
+// * distributed under the Licence is distributed on an "AS IS" basis,
+// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// * See the Licence for the specific language governing permissions and
+// * limitations under the Licence.
+// *
+// * This product combines work with different licenses. See the "NOTICE" text
+// * file for details on the various modules and licenses.
+// * The "NOTICE" text file is part of the distribution. Any derivative works
+// * that you distribute must include a readable copy of the "NOTICE" text file.
+// */
+//
+//
+//package at.gv.egovernment.moa.id.config.auth;
+//
+//import java.io.File;
+//import java.io.FileInputStream;
+//import java.io.FileNotFoundException;
+//import java.io.IOException;
+//import java.math.BigInteger;
+//import java.net.MalformedURLException;
+//import java.util.ArrayList;
+//import java.util.Arrays;
+//import java.util.Date;
+//import java.util.HashMap;
+//import java.util.List;
+//import java.util.Map;
+//import java.util.Properties;
+//
+//import javax.xml.bind.JAXBContext;
+//import javax.xml.bind.Unmarshaller;
+//
+//import org.hibernate.cfg.Configuration;
+//
+//import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+//import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+//import at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetMISSessionIDTask;
+//import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+//import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+//import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+//import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
+//import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.Contact;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.Organization;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.SSO;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock;
+//import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink;
+//import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore;
+//import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore;
+//import at.gv.egovernment.moa.id.commons.db.dao.session.ExceptionStore;
+//import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore;
+//import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;
+//import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore;
+//import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog;
+//import at.gv.egovernment.moa.id.config.ConfigurationException;
+//import at.gv.egovernment.moa.id.config.ConfigurationProvider;
+//import at.gv.egovernment.moa.id.config.ConfigurationProviderImpl;
+//import at.gv.egovernment.moa.id.config.ConfigurationUtils;
+//import at.gv.egovernment.moa.id.config.ConnectionParameter;
+//import at.gv.egovernment.moa.id.config.ConnectionParameterForeign;
+//import at.gv.egovernment.moa.id.config.ConnectionParameterMOASP;
+//import at.gv.egovernment.moa.id.config.ConnectionParameterMandate;
+//import at.gv.egovernment.moa.id.config.auth.data.ProtocolAllowed;
+//import at.gv.egovernment.moa.id.config.legacy.BuildFromLegacyConfig;
+//import at.gv.egovernment.moa.id.config.stork.STORKConfig;
+//import at.gv.egovernment.moa.id.data.IssuerAndSerial;
+//import at.gv.egovernment.moa.id.process.dao.ProcessInstanceStore;
+//import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap;
+//import at.gv.egovernment.moa.logging.Logger;
+//import at.gv.egovernment.moa.util.MiscUtil;
+//import at.gv.util.config.EgovUtilPropertiesConfiguration;
+//
+//import com.fasterxml.jackson.annotation.JsonIgnore;
+//import com.fasterxml.jackson.annotation.JsonProperty;
+//
+///**
+// * A class providing access to the Auth Part of the MOA-ID configuration data.
+// *
+// * <p>Configuration data is read from an XML file, whose location is given by
+// * the <code>moa.id.configuration</code> system property.</p>
+// * <p>This class implements the Singleton pattern. The <code>reload()</code>
+// * method can be used to update the configuration data. Therefore, it is not
+// * guaranteed that consecutive calls to <code>getInstance()</code> will return
+// * the same <code>AuthConfigurationProvider</code> all the time. During the
+// * processing of a web service request, the current
+// * <code>TransactionContext</code> should be used to obtain the
+// * <code>AuthConfigurationProvider</code> local to that request.</p>
+// *
+// * @author Patrick Peck
+// * @author Stefan Knirsch
+// *
+// * @version $Id$
+// *
+// *@deprecated Use {@link AuthConfigProviderFactory} instead
+// */
+//public class AuthConfigurationProvider extends ConfigurationProviderImpl implements AuthConfiguration {
+//
+//// /** DEFAULT_ENCODING is "UTF-8" */
+//// private static final String DEFAULT_ENCODING="UTF-8";
+// /**
+// * The name of the generic configuration property giving the authentication session time out.
+// */
+// public static final String AUTH_SESSION_TIMEOUT_PROPERTY =
+// "AuthenticationSession.TimeOut";
+// /**
+// * The name of the generic configuration property giving the authentication data time out.
+// */
+// public static final String AUTH_DATA_TIMEOUT_PROPERTY =
+// "AuthenticationData.TimeOut";
+//
+// /**
+// * BKUSelectionType HTMLComplete, according to schema type <code>BKUSelectionType</code>
+// */
+// public static final String BKU_SELECTION_TYPE_HTMLCOMPLETE =
+// "HTMLComplete";
+//
+// /**
+// * BKUSelectionType HTMLSelect, according to schema type <code>BKUSelectionType</code>
+// */
+// public static final String BKU_SELECTION_TYPE_HTMLSELECT =
+// "HTMLSelect";
+//
+// /**
+// * The name of the generic configuration property allowing https connection to
+// * the user frontend servlets ("StartAuthentication" and "SelectBKU" servlets)
+// */
+// public static final String FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY =
+// "FrontendServlets.EnableHTTPConnection";
+//
+// /**
+// * The name of the generic configuration property allowing to set a individual
+// * DATA URL used to communicate with the BKU (SecurityLayer)
+// */
+// public static final String INDIVIDUAL_DATA_URL_PREFIX =
+// "FrontendServlets.DataURLPrefix";
+//
+// /** Singleton instance. <code>null</code>, if none has been created. */
+// private static AuthConfigurationProvider instance;
+//
+// //
+// // configuration data
+// //
+// private static MOAIDConfiguration moaidconfig = null;
+//
+// private static Properties props = null;
+//
+// private static STORKConfig storkconfig = null;
+//
+// private static TimeOuts timeouts = null;
+//
+// private static PVP2 pvp2general = null;
+//
+// private static String alternativesourceid = null;
+//
+// private static List<String> legacyallowedprotocols = new ArrayList<String>();
+// private static ProtocolAllowed allowedProtcols = null;
+//
+// private static VerifyAuthBlock verifyidl = null;
+//
+// private static ConnectionParameter MoaSpConnectionParameter = null;
+// private static ConnectionParameter ForeignIDConnectionParameter = null;
+// private static ConnectionParameter OnlineMandatesConnectionParameter = null;
+//
+// private static String MoaSpIdentityLinkTrustProfileID = null;
+//
+// private static List<String> TransformsInfos = null;
+// private static List<String> IdentityLinkX509SubjectNames = new ArrayList<String>();
+//
+// private static Map<String, String> SLRequestTemplates = new HashMap<String, String>();
+// private static Map<String, String> DefaultBKUURLs = new HashMap<String, String>();
+//
+// private static SSO ssoconfig = null;
+//
+// private EgovUtilPropertiesConfiguration eGovUtilsConfig = null;
+//
+// private static Date date = null;
+//
+// private String publicURLPreFix = null;
+//
+// /**
+// * Return the single instance of configuration data.
+// *
+// * @return AuthConfigurationProvider The current configuration data.
+// * @throws ConfigurationException
+// */
+// public static synchronized AuthConfigurationProvider getInstance()
+// throws ConfigurationException {
+//
+// if (instance == null) {
+// reload();
+// }
+// return instance;
+// }
+//
+// public static Date getTimeStamp() {
+// return date;
+// }
+//
+// /**
+// * Reload the configuration data and set it if successful.
+// *
+// * @return AuthConfigurationProvider The loaded configuration data.
+// * @throws ConfigurationException Failure to load the configuration data.
+// */
+// public static synchronized AuthConfigurationProvider reload()
+// throws ConfigurationException {
+// String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME);
+// if (fileName == null) {
+// throw new ConfigurationException("config.01", null);
+// }
+// Logger.info("Loading MOA-ID-AUTH configuration " + fileName);
+//
+// instance = new AuthConfigurationProvider(fileName);
+// return instance;
+// }
+//
+//
+// /**
+// * Constructor for AuthConfigurationProvider.
+// * @param fileName
+// * @throws ConfigurationException
+// */
+// public AuthConfigurationProvider(String fileName)
+// throws ConfigurationException {
+//
+// load(fileName);
+// }
+//
+// /**
+// * Protected constructor. Used by unit tests.
+// */
+// protected AuthConfigurationProvider() {
+// }
+//
+// /**
+// * Load the configuration data from XML file with the given name and build
+// * the internal data structures representing the MOA ID configuration.
+// *
+// * @param fileName The name of the XML file to load.
+// * @throws ConfigurationException The MOA configuration could not be
+// * read/built.
+// */
+// private void load(String fileName) throws ConfigurationException {
+//
+// try {
+// //Initial Hibernate Framework
+// Logger.trace("Initializing Hibernate framework.");
+//
+// //Load MOAID-2.0 properties file
+// File propertiesFile = new File(fileName);
+// FileInputStream fis = null;
+// props = new Properties();
+//
+// // determine the directory of the root config file
+// rootConfigFileDir = new File(fileName).getParent();
+//
+// try {
+// rootConfigFileDir = new File(rootConfigFileDir).toURL().toString();
+//
+// } catch (MalformedURLException t) {
+// throw new ConfigurationException("config.03", null, t);
+// }
+//
+// try {
+// fis = new FileInputStream(propertiesFile);
+// props.load(fis);
+//
+// // read MOAID Session Hibernate properties
+// Properties moaSessionProp = new Properties();
+// for (Object key : props.keySet()) {
+// String propPrefix = "moasession.";
+// if (key.toString().startsWith(propPrefix+"hibernate")) {
+// String propertyName = key.toString().substring(propPrefix.length());
+// moaSessionProp.put(propertyName, props.get(key.toString()));
+// }
+// }
+//
+// // read Config Hibernate properties
+// Properties configProp = new Properties();
+// for (Object key : props.keySet()) {
+// String propPrefix = "configuration.";
+// if (key.toString().startsWith(propPrefix+"hibernate")) {
+// String propertyName = key.toString().substring(propPrefix.length());
+// configProp.put(propertyName, props.get(key.toString()));
+// }
+// }
+//
+// // read advanced logging properties
+// Properties statisticProps = new Properties();
+// for (Object key : props.keySet()) {
+// String propPrefix = "advancedlogging.";
+// if (key.toString().startsWith(propPrefix+"hibernate")) {
+// String propertyName = key.toString().substring(propPrefix.length());
+// statisticProps.put(propertyName, props.get(key.toString()));
+// }
+// }
+//
+// // initialize hibernate
+// synchronized (AuthConfigurationProvider.class) {
+//
+// //Initial config Database
+// // ConfigurationDBUtils.initHibernate(configProp);
+//
+// //initial MOAID Session Database
+// Configuration config = new Configuration();
+// config.addAnnotatedClass(AssertionStore.class);
+// config.addAnnotatedClass(AuthenticatedSessionStore.class);
+// config.addAnnotatedClass(OASessionStore.class);
+// config.addAnnotatedClass(OldSSOSessionIDStore.class);
+// config.addAnnotatedClass(ExceptionStore.class);
+// config.addAnnotatedClass(InterfederationSessionStore.class);
+// config.addAnnotatedClass(ProcessInstanceStore.class);
+// config.addProperties(moaSessionProp);
+// MOASessionDBUtils.initHibernate(config, moaSessionProp);
+//
+// //initial advanced logging
+// if (isAdvancedLoggingActive()) {
+// Logger.info("Advanced statistic log is activated, starting initialization process ...");
+// Configuration statisticconfig = new Configuration();
+// statisticconfig.addAnnotatedClass(StatisticLog.class);
+// statisticconfig.addProperties(statisticProps);
+// StatisticLogDBUtils.initHibernate(statisticconfig, statisticProps);
+// Logger.info("Advanced statistic log is initialized.");
+// }
+//
+// }
+// Logger.trace("Hibernate initialization finished.");
+//
+// } catch (FileNotFoundException e) {
+// throw new ConfigurationException("config.03", null, e);
+//
+// } catch (IOException e) {
+// throw new ConfigurationException("config.03", null, e);
+//
+// } catch (ExceptionInInitializerError e) {
+// throw new ConfigurationException("config.17", null, e);
+//
+// } finally {
+// if (fis != null)
+// fis.close();
+//
+// }
+//
+//
+// //Initialize OpenSAML for STORK
+// Logger.info("Starting initialization of OpenSAML...");
+// MOADefaultBootstrap.bootstrap();
+// //DefaultBootstrap.bootstrap();
+// Logger.debug("OpenSAML successfully initialized");
+//
+//
+// String legacyconfig = props.getProperty("configuration.xml.legacy");
+// String xmlconfig = props.getProperty("configuration.xml");
+//// String xmlconfigout = props.getProperty("configuration.xml.out");
+//
+//
+// //configure eGovUtils client implementations
+//
+// //read eGovUtils client configuration
+// Properties eGovUtilsConfigProp = new Properties();
+// for (Object key : props.keySet()) {
+// String propPrefix = "service.";
+// if (key.toString().startsWith(propPrefix+"egovutil")) {
+// String propertyName = key.toString().substring(propPrefix.length());
+// eGovUtilsConfigProp.put(propertyName, props.get(key.toString()));
+// }
+// }
+// if (!eGovUtilsConfigProp.isEmpty()) {
+// Logger.info("Start eGovUtils client implementation configuration ...");
+// eGovUtilsConfig =
+// new EgovUtilPropertiesConfiguration(eGovUtilsConfigProp, rootConfigFileDir);
+// }
+//
+//
+// //TODO: removed in MOA-ID 3.x
+//// //check if XML config should be used
+//// if (MiscUtil.isNotEmpty(legacyconfig) || MiscUtil.isNotEmpty(xmlconfig)) {
+//// Logger.warn("WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!");
+//// //moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
+//// moaidconfig = NewConfigurationDBRead.getMOAIDConfiguration();
+//// if (moaidconfig.getAuthComponentGeneral()!= null || moaidconfig.getChainingModes() != null || moaidconfig.getTrustedCACertificates() != null || moaidconfig.getDefaultBKUs() != null
+//// || moaidconfig.getSLRequestTemplates() != null || moaidconfig.getTimestampItem() != null || moaidconfig.getPvp2RefreshItem() != null) {
+////
+//// // ConfigurationDBUtils.delete(moaidconfig);
+//// for(String key : MOAIDConfigurationConstants.getMOAIDConfigurationKeys()){
+//// NewConfigurationDBWrite.delete(key);
+//// }
+//// }
+////
+////
+//// //List<OnlineApplication> oas = ConfigurationDBRead.getAllOnlineApplications();
+//// List<OnlineApplication> oas = NewConfigurationDBRead.getAllOnlineApplications();
+//// if (oas != null && oas.size() > 0) {
+//// // for (OnlineApplication oa : oas)
+//// // ConfigurationDBUtils.delete(oa);
+//// NewConfigurationDBWrite.delete(MOAIDConfigurationConstants.ONLINE_APPLICATIONS_KEY);
+//// }
+//// }
+////
+//// //load legacy config if it is configured
+//// if (MiscUtil.isNotEmpty(legacyconfig)) {
+//// Logger.warn("WARNING! MOA-ID 2.0 is started with legacy configuration. This setup is not recommended!");
+////
+//// MOAIDConfiguration moaconfig = BuildFromLegacyConfig.build(new File(legacyconfig), rootConfigFileDir, null);
+////
+//// List<OnlineApplication> oas = moaconfig.getOnlineApplication();
+//// // for (OnlineApplication oa : oas)
+//// // ConfigurationDBUtils.save(oa);
+//// NewConfigurationDBWrite.saveOnlineApplications(oas);
+////
+//// moaconfig.setOnlineApplication(null);
+//// // ConfigurationDBUtils.save(moaconfig);
+//// NewConfigurationDBWrite.save(moaconfig);
+////
+//// Logger.info("Legacy Configuration load is completed.");
+////
+////
+//// }
+////
+//// //load MOA-ID 2.x config from XML
+//// if (MiscUtil.isNotEmpty(xmlconfig)) {
+//// Logger.warn("Load configuration from MOA-ID 2.x XML configuration");
+////
+//// try {
+//// JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config");
+//// Unmarshaller m = jc.createUnmarshaller();
+//// File file = new File(xmlconfig);
+//// MOAIDConfiguration moaconfig = (MOAIDConfiguration) m.unmarshal(file);
+//// //ConfigurationDBUtils.save(moaconfig);
+////
+//// List<OnlineApplication> importoas = moaconfig.getOnlineApplication();
+//// // for (OnlineApplication importoa : importoas) {
+//// // ConfigurationDBUtils.saveOrUpdate(importoa);
+//// // }
+////
+//// NewConfigurationDBWrite.saveOnlineApplications(importoas);
+////
+//// moaconfig.setOnlineApplication(null);
+//// //ConfigurationDBUtils.saveOrUpdate(moaconfig);
+//// NewConfigurationDBWrite.save(moaconfig);
+////
+//// } catch (Exception e) {
+//// Logger.warn("MOA-ID XML configuration can not be loaded from File.", e);
+//// throw new ConfigurationException("config.02", null);
+//// }
+//// Logger.info("XML Configuration load is completed.");
+//// }
+//
+// reloadDataBaseConfig();
+//
+//
+// } catch (Throwable t) {
+// throw new ConfigurationException("config.02", null, t);
+// }
+// }
+//
+// protected MOAIDConfiguration loadDataBaseConfig() {
+// return ConfigurationDBRead.getMOAIDConfiguration();
+// }
+//
+// public synchronized void reloadDataBaseConfig() throws ConfigurationException {
+//
+// Logger.info("Read MOA-ID 2.0 configuration from database.");
+// moaidconfig = loadDataBaseConfig();
+// Logger.info("MOA-ID 2.0 is loaded.");
+//
+// if (moaidconfig == null) {
+// Logger.warn("NO MOA-ID configuration found.");
+// throw new ConfigurationException("config.18", null);
+// }
+//
+// //build STORK Config
+// AuthComponentGeneral auth = getAuthComponentGeneral();
+// ForeignIdentities foreign = auth.getForeignIdentities();
+// if (foreign == null ) {
+// Logger.warn("Error in MOA-ID Configuration. No STORK configuration found.");
+// } else
+// storkconfig = new STORKConfig(foreign.getSTORK(), props, rootConfigFileDir);
+//
+// //load Chaining modes
+// ChainingModes cm = moaidconfig.getChainingModes();
+// if (cm != null) {
+// defaultChainingMode = cm.getSystemDefaultMode().value();
+//
+// List<TrustAnchor> tas = cm.getTrustAnchor();
+//
+// chainingModes = new HashMap<IssuerAndSerial, String>();
+// for (TrustAnchor ta : tas) {
+// IssuerAndSerial is = new IssuerAndSerial(ta.getX509IssuerName(), ta.getX509SerialNumber());
+// chainingModes.put(is, ta.getMode().value());
+// }
+// } else {
+// Logger.warn("Error in MOA-ID Configuration. No ChainingMode configuration found.");
+// throw new ConfigurationException("config.02", null);
+// }
+//
+// //set Trusted CA certs directory
+// trustedCACertificates = rootConfigFileDir + moaidconfig.getTrustedCACertificates();
+//
+// //set CertStoreDirectory
+// setCertStoreDirectory();
+//
+// //set TrustManagerRevocationChecking
+// setTrustManagerRevocationChecking();
+//
+// //set default timeouts
+// timeouts = new TimeOuts();
+// timeouts.setAssertion(new BigInteger("300"));
+// timeouts.setMOASessionCreated(new BigInteger("2700"));
+// timeouts.setMOASessionUpdated(new BigInteger("1200"));
+//
+// //search timeouts in config
+// if (auth.getGeneralConfiguration() != null) {
+// if (auth.getGeneralConfiguration().getTimeOuts() != null) {
+// if (auth.getGeneralConfiguration().getTimeOuts().getAssertion() != null)
+// timeouts.setAssertion(auth.getGeneralConfiguration().getTimeOuts().getAssertion());
+//
+// if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated() != null)
+// timeouts.setMOASessionCreated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated());
+//
+// if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated() != null)
+// timeouts.setMOASessionUpdated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated());
+//
+// } else {
+// Logger.info("No TimeOuts defined. Use default values");
+// }
+// }
+//
+// // sets the authentication session and authentication data time outs
+// AuthenticationServer.getInstance()
+// .setSecondsSessionTimeOutCreated(timeouts.getMOASessionCreated().longValue());
+//
+// AuthenticationServer.getInstance()
+// .setSecondsSessionTimeOutUpdated(timeouts.getMOASessionUpdated().longValue());
+//
+// AuthenticationServer.getInstance()
+// .setSecondsAuthDataTimeOut(timeouts.getAssertion().longValue());
+//
+//
+//
+// //set PVP2 general config
+// Protocols protocols = auth.getProtocols();
+// if (protocols != null) {
+//
+// allowedProtcols = new ProtocolAllowed();
+//
+// if (protocols.getSAML1() != null) {
+// allowedProtcols.setSAML1Active(protocols.getSAML1().isIsActive());
+//
+// //load alternative sourceID
+// if (MiscUtil.isNotEmpty(protocols.getSAML1().getSourceID()))
+// alternativesourceid = protocols.getSAML1().getSourceID();
+//
+// }
+//
+// if (protocols.getOAuth() != null) {
+// allowedProtcols.setOAUTHActive(protocols.getOAuth().isIsActive());
+// }
+//
+// if (protocols.getPVP2() != null) {
+// PVP2 el = protocols.getPVP2();
+//
+// allowedProtcols.setPVP21Active(el.isIsActive());
+//
+// pvp2general = new PVP2();
+// pvp2general.setIssuerName(el.getIssuerName());
+// pvp2general.setPublicURLPrefix(el.getPublicURLPrefix());
+//
+// if (el.getOrganization() != null) {
+// Organization org = new Organization();
+// pvp2general.setOrganization(org);
+// org.setDisplayName(el.getOrganization().getDisplayName());
+// org.setName(el.getOrganization().getName());
+// org.setURL(el.getOrganization().getURL());
+// }
+//
+// if (el.getContact() != null) {
+// List<Contact> cont = new ArrayList<Contact>();
+// pvp2general.setContact(cont);
+// for (Contact e : el.getContact()) {
+// Contact c = new Contact();
+// c.setCompany(e.getCompany());
+// c.setGivenName(e.getGivenName());
+// c.getMail().addAll(e.getMail());
+// c.getPhone().addAll(e.getPhone());
+// c.setSurName(e.getSurName());
+// c.setType(e.getType());
+// cont.add(c);
+// }
+// }
+// }
+// } else {
+// Logger.warn("Error in MOA-ID Configuration. No general Protcol configuration found.");
+// }
+//
+// //set alternativeSourceID
+// if (auth.getGeneralConfiguration() != null) {
+//
+// //TODO: can be removed in a further version, because it is moved to SAML1 config
+// if (MiscUtil.isEmpty(alternativesourceid))
+// alternativesourceid = auth.getGeneralConfiguration().getAlternativeSourceID();
+//
+// if (MiscUtil.isNotEmpty(auth.getGeneralConfiguration().getPublicURLPreFix()))
+// publicURLPreFix = auth.getGeneralConfiguration().getPublicURLPreFix();
+//
+// else {
+// Logger.error("No Public URL Prefix configured.");
+// throw new ConfigurationException("config.05", new Object[]{"Public URL Prefix"});
+// }
+//
+// } else {
+// Logger.warn("Error in MOA-ID Configuration. No GeneralConfig defined.");
+// throw new ConfigurationException("config.02", null);
+// }
+//
+// //set LegacyAllowedProtocols
+// try {
+// if (auth.getProtocols() != null) {
+// Protocols procols = auth.getProtocols();
+// if (procols.getLegacyAllowed() != null) {
+// LegacyAllowed legacy = procols.getLegacyAllowed();
+// legacyallowedprotocols = new ArrayList<String>(legacy.getProtocolName());
+// }
+// }
+// } catch (Exception e) {
+// Logger.info("No protocols found with legacy allowed flag!");
+// }
+//
+// //set VerifyAuthBlockConfig
+// MOASP moasp = getMOASPConfig(auth);
+//
+// VerifyAuthBlock el = moasp.getVerifyAuthBlock();
+// if (el != null) {
+// verifyidl = new VerifyAuthBlock();
+// verifyidl.setTrustProfileID(el.getTrustProfileID());
+// verifyidl.setVerifyTransformsInfoProfileID(new ArrayList<String>(el.getVerifyTransformsInfoProfileID()));
+// }
+// else {
+// Logger.warn("Error in MOA-ID Configuration. No Trustprofile for AuthBlock validation.");
+// throw new ConfigurationException("config.02", null);
+// }
+//
+// //set MOASP connection parameters
+// if (moasp.getConnectionParameter() != null)
+// MoaSpConnectionParameter = new ConnectionParameterMOASP(moasp.getConnectionParameter(), props, this.rootConfigFileDir);
+// else
+// MoaSpConnectionParameter = null;
+//
+// //set ForeignIDConnectionParameters
+// if (foreign != null) {
+// ForeignIDConnectionParameter = new ConnectionParameterForeign(foreign.getConnectionParameter(), props, this.rootConfigFileDir);
+// } else {
+// Logger.warn("Error in MOA-ID Configuration. No Connectionconfiguration to SZRGW Service found");
+// }
+//
+// //set OnlineMandateConnectionParameters
+// OnlineMandates ovs = auth.getOnlineMandates();
+// if (ovs != null) {
+// OnlineMandatesConnectionParameter = new ConnectionParameterMandate(ovs.getConnectionParameter(), props, this.rootConfigFileDir);
+//
+// } else {
+// Logger.warn("Error in MOA-ID Configuration. No Connectionconfiguration to OVS Service found");
+// }
+//
+// //set MOASP IdentityLink Trust-ProfileID
+// VerifyIdentityLink verifyidl = moasp.getVerifyIdentityLink();
+// if (verifyidl != null)
+// MoaSpIdentityLinkTrustProfileID = verifyidl.getTrustProfileID();
+// else {
+// Logger.warn("Error in MOA-ID Configuration. No Trustprofile for IdentityLink validation.");
+// throw new ConfigurationException("config.02", null);
+// }
+//
+// //set SL transformation infos
+// SecurityLayer seclayer = auth.getSecurityLayer();
+// if (seclayer == null) {
+// Logger.warn("Error in MOA-ID Configuration. No generalAuthConfiguration->SecurityLayer found");
+// throw new ConfigurationException("config.02", null);
+// } else {
+// TransformsInfos = ConfigurationUtils.getTransformInfos(seclayer.getTransformsInfo());
+//
+// if (TransformsInfos == null || TransformsInfos.size() == 0) {
+// Logger.error("No Security-Layer Transformation found.");
+// throw new ConfigurationException("config.05", new Object[]{"Security-Layer Transformation"});
+// }
+//
+// }
+//
+// //set IdentityLinkSignerSubjectNames
+// IdentityLinkX509SubjectNames = new ArrayList<String>();
+// IdentityLinkSigners idlsigners = auth.getIdentityLinkSigners();
+// if (idlsigners != null) {
+// Logger.debug("Load own IdentityLinkX509SubjectNames");
+// IdentityLinkX509SubjectNames.addAll(new ArrayList<String>(idlsigners.getX509SubjectName()));
+// }
+//
+// // now add the default identity link signers
+// String[] identityLinkSignersWithoutOID = MOAIDAuthConstants.IDENTITY_LINK_SIGNERS_WITHOUT_OID;
+// for (int i=0; i<identityLinkSignersWithoutOID.length; i++) {
+// String identityLinkSigner = identityLinkSignersWithoutOID[i];
+// if (!IdentityLinkX509SubjectNames.contains(identityLinkSigner)) {
+// IdentityLinkX509SubjectNames.add(identityLinkSigner);
+// }
+// }
+//
+// //set SLRequestTemplates
+// SLRequestTemplates templ = moaidconfig.getSLRequestTemplates();
+// if (templ == null) {
+// Logger.warn("Error in MOA-ID Configuration. No SLRequestTemplates found");
+// throw new ConfigurationException("config.02", null);
+// } else {
+// SLRequestTemplates.put(IOAAuthParameters.ONLINEBKU, templ.getOnlineBKU());
+// SLRequestTemplates.put(IOAAuthParameters.LOCALBKU, templ.getLocalBKU());
+// SLRequestTemplates.put(IOAAuthParameters.HANDYBKU, templ.getHandyBKU());
+// }
+//
+// //set Default BKU URLS
+// DefaultBKUs bkuuls = moaidconfig.getDefaultBKUs();
+// if (bkuuls != null) {
+// DefaultBKUURLs.put(IOAAuthParameters.ONLINEBKU, bkuuls.getOnlineBKU());
+// DefaultBKUURLs.put(IOAAuthParameters.LOCALBKU, bkuuls.getLocalBKU());
+// DefaultBKUURLs.put(IOAAuthParameters.HANDYBKU, bkuuls.getHandyBKU());
+// }
+//
+// //set SSO Config
+// if (auth.getSSO()!= null) {
+// ssoconfig = new SSO();
+// ssoconfig.setFriendlyName(auth.getSSO().getFriendlyName());
+// ssoconfig.setPublicURL(auth.getSSO().getPublicURL());
+// ssoconfig.setSpecialText(auth.getSSO().getSpecialText());
+// ssoconfig.setTarget(auth.getSSO().getTarget());
+//
+// if (auth.getSSO().getIdentificationNumber() != null) {
+// IdentificationNumber value = new IdentificationNumber();
+// value.setType(auth.getSSO().getIdentificationNumber().getType());
+// value.setValue(auth.getSSO().getIdentificationNumber().getValue());
+// ssoconfig.setIdentificationNumber(value);
+// }
+// } else {
+// Logger.warn("Error in MOA-ID Configuration. No Single Sign-On Config found");
+// }
+//
+// //close Database
+// // ConfigurationDBUtils.closeSession();
+//
+// date = new Date();
+// }
+//
+//
+// private Properties getGeneralProperiesConfig(final String propPrefix) {
+// Properties configProp = new Properties();
+// for (Object key : props.keySet()) {
+// if (key.toString().startsWith(propPrefix)) {
+// String propertyName = key.toString().substring(propPrefix.length());
+// configProp.put(propertyName, props.get(key.toString()));
+// }
+// }
+// return configProp;
+// }
+//
+// public Properties getGeneralPVP2ProperiesConfig() {
+// return this.getGeneralProperiesConfig("protocols.pvp2.");
+// }
+//
+// public Properties getGeneralOAuth20ProperiesConfig() {
+// return this.getGeneralProperiesConfig("protocols.oauth20.");
+// }
+//
+// public ProtocolAllowed getAllowedProtocols() {
+// return allowedProtcols;
+// }
+//
+// public PVP2 getGeneralPVP2DBConfig() {
+// return pvp2general;
+// }
+//
+// public TimeOuts getTimeOuts() throws ConfigurationException {
+// return timeouts;
+// }
+//
+// public String getAlternativeSourceID() throws ConfigurationException {
+// return alternativesourceid;
+// }
+//
+// public List<String> getLegacyAllowedProtocols() {
+// return legacyallowedprotocols;
+// }
+//
+//
+// /**
+// * Provides configuration information regarding the online application behind
+// * the given URL, relevant to the MOA-ID Auth component.
+// *
+// * @param oaURL URL requested for an online application
+// * @return an <code>OAAuthParameter</code>, or <code>null</code>
+// * if none is applicable
+// */
+// public OAAuthParameter getOnlineApplicationParameter(String oaURL) {
+//
+// OnlineApplication oa = ConfigurationDBRead.getActiveOnlineApplication(oaURL);
//
-// if (ssoconfig != null && ssoconfig.getIdentificationNumber() != null)
-// return true;
-// else
-// return false;
+// if (oa == null) {
+// Logger.warn("Online application with identifier " + oaURL + " is not found.");
+// return null;
+// }
+//
+// return new OAAuthParameter(oa);
+// }
+//
+//
+// /**
+// * Return a string with a url-reference to the VerifyAuthBlock trust
+// * profile id within the moa-sp part of the authentication component
+// *
+// * @return String with a url-reference to the VerifyAuthBlock trust profile ID
+// * @throws ConfigurationException
+// */
+// public String getMoaSpAuthBlockTrustProfileID() throws ConfigurationException {
+// return verifyidl.getTrustProfileID();
+// }
+//
+// /**
+// * Return a string array with references to all verify transform info
+// * IDs within the moa-sp part of the authentication component
+// * @return A string array containing all urls to the
+// * verify transform info IDs
+// * @throws ConfigurationException
+// */
+// public List<String> getMoaSpAuthBlockVerifyTransformsInfoIDs() throws ConfigurationException {
+// return verifyidl.getVerifyTransformsInfoProfileID();
+// }
+//
+// /**
+// * Return a ConnectionParameter bean containing all information
+// * of the authentication component moa-sp element
+// * @return ConnectionParameter of the authentication component moa-sp element
+// * @throws ConfigurationException
+// */
+// public ConnectionParameter getMoaSpConnectionParameter() throws ConfigurationException {
+// return MoaSpConnectionParameter;
+// }
+//
+// /**
+// * Return a ConnectionParameter bean containing all information
+// * of the authentication component foreigid element
+// * @return ConnectionParameter of the authentication component foreignid element
+// * @throws ConfigurationException
+// */
+// public ConnectionParameter getForeignIDConnectionParameter() throws ConfigurationException {
+// return ForeignIDConnectionParameter;
+// }
+//
+// /**
+// * Return a ConnectionParameter bean containing all information
+// * of the authentication component OnlineMandates element
+// * @return ConnectionParameter of the authentication component OnlineMandates element
+// * @throws ConfigurationException
+// */
+// public ConnectionParameter getOnlineMandatesConnectionParameter() throws ConfigurationException {
+// return OnlineMandatesConnectionParameter;
+// }
+//
+// /**
+// * Return a string with a url-reference to the VerifyIdentityLink trust
+// * profile id within the moa-sp part of the authentication component
+// * @return String with a url-reference to the VerifyIdentityLink trust profile ID
+// * @throws ConfigurationException
+// */
+// public String getMoaSpIdentityLinkTrustProfileID() throws ConfigurationException {
+// return MoaSpIdentityLinkTrustProfileID;
+// }
+//
+// /**
+// * Returns the transformsInfos.
+// * @return String[]
+// * @throws ConfigurationException
+// */
+// public List<String> getTransformsInfos() throws ConfigurationException {
+// return TransformsInfos;
+// }
+//
+// /**
+// * Returns the identityLinkX509SubjectNames.
+// * @return List
+// * @throws ConfigurationException
+// */
+// public List<String> getIdentityLinkX509SubjectNames() throws ConfigurationException {
+// return IdentityLinkX509SubjectNames;
+// }
+//
+// public List<String> getSLRequestTemplates() throws ConfigurationException {
+// return new ArrayList<String>(SLRequestTemplates.values());
+// }
+//
+// public String getSLRequestTemplates(String type) throws ConfigurationException {
+// String el = SLRequestTemplates.get(type);
+// if (MiscUtil.isNotEmpty(el))
+// return el;
+// else {
+// Logger.warn("getSLRequestTemplates: BKU Type does not match: "
+// + IOAAuthParameters.ONLINEBKU + " or " + IOAAuthParameters.HANDYBKU + " or " + IOAAuthParameters.LOCALBKU);
+// return null;
+// }
+// }
+//
+// public List<String> getDefaultBKUURLs() throws ConfigurationException {
+// return new ArrayList<String>(DefaultBKUURLs.values());
+// }
+//
+// public String getDefaultBKUURL(String type) throws ConfigurationException {
+// String el = DefaultBKUURLs.get(type);
+// if (MiscUtil.isNotEmpty(el))
+// return el;
+// else {
+// Logger.warn("getSLRequestTemplates: BKU Type does not match: "
+// + IOAAuthParameters.ONLINEBKU + " or " + IOAAuthParameters.HANDYBKU + " or " + IOAAuthParameters.LOCALBKU);
+// return null;
+// }
// }
-
- public String getSSOTagetIdentifier() throws ConfigurationException {
- if (ssoconfig != null)
- return ssoconfig.getTarget();
- else
- return null;
- }
-
-// public String getSSOTarget() throws ConfigurationException {
-// if (ssoconfig!= null)
+//
+//// public boolean isSSOBusinessService() throws ConfigurationException {
+////
+//// if (ssoconfig != null && ssoconfig.getIdentificationNumber() != null)
+//// return true;
+//// else
+//// return false;
+//// }
+//
+// public String getSSOTagetIdentifier() throws ConfigurationException {
+// if (ssoconfig != null)
// return ssoconfig.getTarget();
+// else
+// return null;
+// }
+//
+//// public String getSSOTarget() throws ConfigurationException {
+//// if (ssoconfig!= null)
+//// return ssoconfig.getTarget();
+////
+//// return null;
+//// }
+//
+// public String getSSOFriendlyName() {
+// if (ssoconfig!= null) {
+// if (MiscUtil.isNotEmpty(ssoconfig.getFriendlyName()))
+// return ssoconfig.getFriendlyName();
+// }
+//
+// return "Default MOA-ID friendly name for SSO";
+// }
+//
+// public String getSSOSpecialText() {
+// if (ssoconfig!= null) {
+// String text = ssoconfig.getSpecialText();
+// if (MiscUtil.isEmpty(text))
+// text = new String();
+//
+// return text;
+// }
+// return new String();
+// }
+//
+// public String getMOASessionEncryptionKey() {
+//
+// String prop = props.getProperty("configuration.moasession.key");
+// if (MiscUtil.isEmpty(prop))
+// return null;
+// else
+// return prop;
+// }
+//
+// /**
+// * @return
+// */
+// public String getMOAConfigurationEncryptionKey() {
+// String prop = props.getProperty("configuration.moaconfig.key");
+// if (MiscUtil.isEmpty(prop))
+// return null;
+// else
+// return prop;
+// }
+//
+// public boolean isIdentityLinkResigning() {
+// String prop = props.getProperty("configuration.resignidentitylink.active", "false");
+// return Boolean.valueOf(prop);
+// }
+//
+// public String getIdentityLinkResigningKey() {
+// String prop = props.getProperty("configuration.resignidentitylink.keygroup");
+// if (MiscUtil.isNotEmpty(prop))
+// return prop;
+// else
+// return null;
+// }
+//
+// /**
+// * Checks if is fakeIdL is activated.
+// *
+// * @return true, if fake IdLs are available for stork
+// */
+// public boolean isStorkFakeIdLActive() {
+// String prop = props.getProperty("stork.fakeIdL.active", "false");
+// return Boolean.valueOf(prop);
+// }
+//
+// /**
+// * Gets the countries which will receive a fake IdL
+// *
+// * @return the countries
+// */
+// public List<String> getStorkFakeIdLCountries() {
+// String prop = props.getProperty("stork.fakeIdL.countries", "");
+// return Arrays.asList(prop.replaceAll(" ", "").split(","));
+// }
+//
+// /**
+// * Gets the resigning key (group) for the stork fake IdL.
+// *
+// * @return the resigning key
+// */
+// public String getStorkFakeIdLResigningKey() {
+// String prop = props.getProperty("stork.fakeIdL.keygroup");
+// if (MiscUtil.isNotEmpty(prop))
+// return prop;
+// else
+// return null;
+// }
+//
+// /**
+// * Gets the countries for which it is configured to require no signature
+// *
+// * @return the stork no signature countries
+// */
+// public List<String> getStorkNoSignatureCountries() {
+// String prop = props.getProperty("stork.fakeIdL.noSignatureCountries", "");
+// return Arrays.asList(prop.replaceAll(" ", "").split(","));
+// }
+//
+// @JsonProperty("isMonitoringActive")
+// public boolean isMonitoringActive() {
+// String prop = props.getProperty("configuration.monitoring.active", "false");
+// return Boolean.valueOf(prop);
+// }
+//
+// public String getMonitoringTestIdentityLinkURL() {
+// String prop = props.getProperty("configuration.monitoring.test.identitylink.url");
+// if (MiscUtil.isNotEmpty(prop))
+// return prop;
+// else
+// return null;
+// }
+//
+// public String getMonitoringMessageSuccess() {
+// String prop = props.getProperty("configuration.monitoring.message.success");
+// if (MiscUtil.isNotEmpty(prop))
+// return prop;
+// else
+// return null;
+// }
+//
+// public boolean isAdvancedLoggingActive() {
+// String prop = props.getProperty("configuration.advancedlogging.active", "false");
+// return Boolean.valueOf(prop);
+// }
+//
+// public String getPublicURLPrefix() {
+// return publicURLPreFix;
+// }
+//
+// public boolean isPVP2AssertionEncryptionActive() {
+// String prop = props.getProperty("protocols.pvp2.assertion.encryption.active", "true");
+// return Boolean.valueOf(prop);
+// }
+//
+// public boolean isCertifiacteQCActive() {
+// String prop = props.getProperty("configuration.validation.certificate.QC.ignore", "false");
+// return !Boolean.valueOf(prop);
+// }
+//
+//
+// //Load document service url from moa properties
+// public String getDocumentServiceUrl() {
+// String prop = props.getProperty("stork.documentservice.url", "false");
+// return prop;
+// }
+//
+//
+// public boolean isPVPSchemaValidationActive() {
+// String prop = props.getProperty("protocols.pvp2.schemavalidation", "true");
+// return Boolean.valueOf(prop);
+// }
+//
+// /**
+// * Returns the STORK Configuration
+// * @return STORK Configuration
+// * @throws ConfigurationException
+// */
+// public STORKConfig getStorkConfig() throws ConfigurationException {
+//
+// return storkconfig;
+// }
+//
+// /**
+// * @return the eGovUtilsConfig
+// */
+//@JsonIgnore
+//public EgovUtilPropertiesConfiguration geteGovUtilsConfig() {
+// return eGovUtilsConfig;
+//}
+//
+//private void setCertStoreDirectory() throws ConfigurationException {
+// AuthComponentGeneral auth = getAuthComponentGeneral();
+//
+// if (auth.getGeneralConfiguration() != null)
+// certstoreDirectory = rootConfigFileDir + auth.getGeneralConfiguration().getCertStoreDirectory();
+// else {
+// Logger.warn("Error in MOA-ID Configuration. No CertStoreDirectory defined.");
+// throw new ConfigurationException("config.02", null);
+// }
+// }
+//
+// private void setTrustManagerRevocationChecking() throws ConfigurationException {
+// AuthComponentGeneral auth = getAuthComponentGeneral();
+//
+// if (auth.getGeneralConfiguration() != null &&
+// auth.getGeneralConfiguration().isTrustManagerRevocationChecking() != null)
+// trustmanagerrevoationchecking = auth.getGeneralConfiguration().isTrustManagerRevocationChecking();
+// else {
+// Logger.warn("No TrustMangerRevoationChecking defined. Use default value = TRUE");
+// throw new ConfigurationException("config.02", null);
+// }
+// }
+//
+// private static AuthComponentGeneral getAuthComponentGeneral() throws ConfigurationException {
+// AuthComponentGeneral authgeneral = moaidconfig.getAuthComponentGeneral();
+// if (authgeneral == null) {
+// Logger.warn("Error in MOA-ID Configuration. No generalAuthConfiguration found");
+// throw new ConfigurationException("config.02", null);
+// }
+// return authgeneral;
+// }
+//
+// private static MOASP getMOASPConfig(AuthComponentGeneral authgeneral) throws ConfigurationException {
+// MOASP moasp = authgeneral.getMOASP();
//
-// return null;
+// if (moasp == null) {
+// Logger.warn("Error in MOA-ID Configuration. No MOASP configuration found");
+// throw new ConfigurationException("config.02", null);
+// }
+// return moasp;
// }
-
- public String getSSOFriendlyName() {
- if (ssoconfig!= null) {
- if (MiscUtil.isNotEmpty(ssoconfig.getFriendlyName()))
- return ssoconfig.getFriendlyName();
- }
-
- return "Default MOA-ID friendly name for SSO";
- }
-
- public String getSSOSpecialText() {
- if (ssoconfig!= null) {
- String text = ssoconfig.getSpecialText();
- if (MiscUtil.isEmpty(text))
- text = new String();
-
- return text;
- }
- return new String();
- }
-
- public String getMOASessionEncryptionKey() {
-
- String prop = props.getProperty("configuration.moasession.key");
- if (MiscUtil.isEmpty(prop))
- return null;
- else
- return prop;
- }
-
- /**
- * @return
- */
- public String getMOAConfigurationEncryptionKey() {
- String prop = props.getProperty("configuration.moaconfig.key");
- if (MiscUtil.isEmpty(prop))
- return null;
- else
- return prop;
- }
-
- public boolean isIdentityLinkResigning() {
- String prop = props.getProperty("configuration.resignidentitylink.active", "false");
- return Boolean.valueOf(prop);
- }
-
- public String getIdentityLinkResigningKey() {
- String prop = props.getProperty("configuration.resignidentitylink.keygroup");
- if (MiscUtil.isNotEmpty(prop))
- return prop;
- else
- return null;
- }
-
- /**
- * Checks if is fakeIdL is activated.
- *
- * @return true, if fake IdLs are available for stork
- */
- public boolean isStorkFakeIdLActive() {
- String prop = props.getProperty("stork.fakeIdL.active", "false");
- return Boolean.valueOf(prop);
- }
-
- /**
- * Gets the countries which will receive a fake IdL
- *
- * @return the countries
- */
- public List<String> getStorkFakeIdLCountries() {
- String prop = props.getProperty("stork.fakeIdL.countries", "");
- return Arrays.asList(prop.replaceAll(" ", "").split(","));
- }
-
- /**
- * Gets the resigning key (group) for the stork fake IdL.
- *
- * @return the resigning key
- */
- public String getStorkFakeIdLResigningKey() {
- String prop = props.getProperty("stork.fakeIdL.keygroup");
- if (MiscUtil.isNotEmpty(prop))
- return prop;
- else
- return null;
- }
-
- /**
- * Gets the countries for which it is configured to require no signature
- *
- * @return the stork no signature countries
- */
- public List<String> getStorkNoSignatureCountries() {
- String prop = props.getProperty("stork.fakeIdL.noSignatureCountries", "");
- return Arrays.asList(prop.replaceAll(" ", "").split(","));
- }
-
- public boolean isMonitoringActive() {
- String prop = props.getProperty("configuration.monitoring.active", "false");
- return Boolean.valueOf(prop);
- }
-
- public String getMonitoringTestIdentityLinkURL() {
- String prop = props.getProperty("configuration.monitoring.test.identitylink.url");
- if (MiscUtil.isNotEmpty(prop))
- return prop;
- else
- return null;
- }
-
- public String getMonitoringMessageSuccess() {
- String prop = props.getProperty("configuration.monitoring.message.success");
- if (MiscUtil.isNotEmpty(prop))
- return prop;
- else
- return null;
- }
-
- public boolean isAdvancedLoggingActive() {
- String prop = props.getProperty("configuration.advancedlogging.active", "false");
- return Boolean.valueOf(prop);
- }
-
- public String getPublicURLPrefix() {
- return publicURLPreFix;
- }
-
- public boolean isPVP2AssertionEncryptionActive() {
- String prop = props.getProperty("protocols.pvp2.assertion.encryption.active", "true");
- return Boolean.valueOf(prop);
- }
-
- public boolean isCertifiacteQCActive() {
- String prop = props.getProperty("configuration.validation.certificate.QC.ignore", "false");
- return !Boolean.valueOf(prop);
- }
-
-
- //Load document service url from moa properties
- public String getDocumentServiceUrl() {
- String prop = props.getProperty("stork.documentservice.url", "false");
- return prop;
- }
-
-
- public boolean isPVPSchemaValidationActive() {
- String prop = props.getProperty("protocols.pvp2.schemavalidation", "true");
- return Boolean.valueOf(prop);
- }
-
- /**
- * Returns the STORK Configuration
- * @return STORK Configuration
- * @throws ConfigurationException
- */
- public STORKConfig getStorkConfig() throws ConfigurationException {
-
- return storkconfig;
- }
-
- /**
- * @return the eGovUtilsConfig
- */
-public EgovUtilPropertiesConfiguration geteGovUtilsConfig() {
- return eGovUtilsConfig;
-}
-
-private void setCertStoreDirectory() throws ConfigurationException {
- AuthComponentGeneral auth = getAuthComponentGeneral();
-
- if (auth.getGeneralConfiguration() != null)
- certstoreDirectory = rootConfigFileDir + auth.getGeneralConfiguration().getCertStoreDirectory();
- else {
- Logger.warn("Error in MOA-ID Configuration. No CertStoreDirectory defined.");
- throw new ConfigurationException("config.02", null);
- }
- }
-
- private void setTrustManagerRevocationChecking() throws ConfigurationException {
- AuthComponentGeneral auth = getAuthComponentGeneral();
-
- if (auth.getGeneralConfiguration() != null &&
- auth.getGeneralConfiguration().isTrustManagerRevocationChecking() != null)
- trustmanagerrevoationchecking = auth.getGeneralConfiguration().isTrustManagerRevocationChecking();
- else {
- Logger.warn("No TrustMangerRevoationChecking defined. Use default value = TRUE");
- throw new ConfigurationException("config.02", null);
- }
- }
-
- private static AuthComponentGeneral getAuthComponentGeneral() throws ConfigurationException {
- AuthComponentGeneral authgeneral = moaidconfig.getAuthComponentGeneral();
- if (authgeneral == null) {
- Logger.warn("Error in MOA-ID Configuration. No generalAuthConfiguration found");
- throw new ConfigurationException("config.02", null);
- }
- return authgeneral;
- }
-
- private static MOASP getMOASPConfig(AuthComponentGeneral authgeneral) throws ConfigurationException {
- MOASP moasp = authgeneral.getMOASP();
-
- if (moasp == null) {
- Logger.warn("Error in MOA-ID Configuration. No MOASP configuration found");
- throw new ConfigurationException("config.02", null);
- }
- return moasp;
- }
-
-}
+//
+///* (non-Javadoc)
+// * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getConfigurationWithPrefix(java.lang.String)
+// */
+//@Override
+//public Properties getConfigurationWithPrefix(String Prefix) {
+// // TODO Auto-generated method stub
+// return null;
+//}
+//
+///* (non-Javadoc)
+// * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getConfigurationWithKey(java.lang.String)
+// */
+//@Override
+//public String getConfigurationWithKey(String key) {
+// // TODO Auto-generated method stub
+// return null;
+//}
+//
+//}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java
new file mode 100644
index 000000000..38135b028
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java
@@ -0,0 +1,74 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.auth;
+
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.ConfigurationProvider;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * @author tlenz
+ *
+ */
+public class AuthConfigurationProviderFactory {
+
+ /** Singleton instance. <code>null</code>, if none has been created. */
+ private static AuthConfiguration instance = null;;
+
+
+ public static synchronized AuthConfiguration getInstance()
+ throws ConfigurationException {
+
+ if (instance == null) {
+ reload();
+ }
+ return instance;
+ }
+
+ /**
+ * @return
+ * @throws ConfigurationException
+ */
+ public static AuthConfiguration reload() throws ConfigurationException {
+ String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME);
+ if (fileName == null) {
+ throw new ConfigurationException("config.01", null);
+ }
+ Logger.info("Loading MOA-ID-AUTH configuration " + fileName);
+
+ try {
+ URI fileURI = new URI(fileName);
+ instance = new PropertyBasedAuthConfigurationProvider(fileURI);
+
+ } catch (URISyntaxException e){
+ Logger.error("MOA-ID-Auth configuration file does not starts with file:/ as prefix.");
+ throw new ConfigurationException("config24", new Object[]{MOAIDAuthConstants.FILE_URI_PREFIX, fileName});
+
+ }
+ return instance;
+ }
+}
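Review bot: `reload()` assigns the static `instance` without holding the class lock that `getInstance()` takes, so a reload started from another thread can race with readers and the new provider has no visibility guarantee. Declaring it `public static synchronized AuthConfiguration reload() throws ConfigurationException` closes that, and the call from `getInstance()` still works because the monitor is reentrant. In the `catch (URISyntaxException e)` branch the log text says the path does not start with `file:/`, but `new URI(fileName)` only rejects malformed syntax and accepts any scheme. If the configuration must be a local file, an explicit check such as `if (!"file".equals(fileURI.getScheme()))` before constructing the provider would make the message true, unless `PropertyBasedAuthConfigurationProvider` already enforces this, which is not visible in this hunk. The caught exception is also dropped; keeping `e` in the log entry or as the cause of the `ConfigurationException` would preserve the parse detail for the operator.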
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/ConfigurationToJSONConverter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/ConfigurationToJSONConverter.java
new file mode 100644
index 000000000..e1c1ac49e
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/ConfigurationToJSONConverter.java
@@ -0,0 +1,155 @@
+//package at.gv.egovernment.moa.id.config.auth;
+//
+//import java.beans.IntrospectionException;
+//import java.beans.Introspector;
+//import java.beans.PropertyDescriptor;
+//import java.lang.reflect.InvocationTargetException;
+//import java.lang.reflect.Method;
+//import java.util.Arrays;
+//import java.util.List;
+//
+//import org.springframework.beans.factory.annotation.Autowired;
+//import org.springframework.beans.factory.config.AutowireCapableBeanFactory;
+//import org.springframework.context.ApplicationContext;
+//import org.springframework.context.support.ClassPathXmlApplicationContext;
+//
+//import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration;
+//import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+//import at.gv.egovernment.moa.id.config.ConfigurationException;
+//import at.gv.egovernment.moa.id.config.ConfigurationProvider;
+//
+//import com.fasterxml.jackson.annotation.JsonIgnore;
+//import com.fasterxml.jackson.annotation.JsonProperty;
+//
+//public class ConfigurationToJSONConverter {
+//
+// @Autowired
+// NewAuthConfigurationProvider configProvider;
+//
+// @Autowired
+// MOAIDConfiguration configDataBase;
+//
+// public static void main(String[] args) {
+//
+// try {
+// ConfigurationToJSONConverter converter = new ConfigurationToJSONConverter(args[0]);
+// converter.writeConfigToJSONDB();
+// System.out.println("=====================================");
+// System.out.println("=====================================");
+// converter.readConfigFromDB();
+// System.out.println("=====================================");
+// System.out.println("=====================================");
+//
+// // otherwise the database connection is not initialized
+// JaxBAuthConfigurationProvider.getInstance();
+// List<String> methodNames = Arrays.asList("getAllOnlineApplications", "getAllUsers", "getMOAIDConfiguration");
+// converter.extractDataViaConfigurationDBRead(methodNames);
+// converter.readExtractedConfigurationDBReadData(methodNames);
+//
+// } catch (ConfigurationException e) {
+// e.printStackTrace();
+// System.out.println("Problems reading the configuration file in: " + System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME));
+// System.exit(1);
+// }
+//
+// }
+//
+// public ConfigurationToJSONConverter(String pathToDBConfigPropertiesFile) throws ConfigurationException {
+//
+// System.getProperties().setProperty("location", "file:" + pathToDBConfigPropertiesFile);
+// ApplicationContext context = new ClassPathXmlApplicationContext("configuration.beans.xml");
+// AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory();
+// acbFactory.autowireBean(this);
+//
+// }
+//
+// public void extractDataViaConfigurationDBRead(List<String> methodNames) {
+// System.out.println("Start extracting");
+// // read objects from db and write to key-value
+// for (String name : methodNames) {
+// try {
+// Method method = ConfigurationDBRead.class.getMethod(name);
+// Object tmp = method.invoke(null, new Object[] {});
+// JsonProperty annotation = method.getAnnotation(JsonProperty.class);
+// if (annotation != null) {
+// configDataBase.set(annotation.value(), tmp);
+// } else {
+// System.out.println("Annotate Method with name: " + name);
+// }
+// } catch (NoSuchMethodException | SecurityException | IllegalAccessException | IllegalArgumentException
+// | InvocationTargetException e) {
+// System.out.println("Problems while extracting ConfigurationDBRead data.");
+// }
+// }
+// }
+//
+// public void readExtractedConfigurationDBReadData(List<String> methodNames) {
+// for (String name : methodNames) {
+// Object tmp = configDataBase.get(name);
+// System.out.println(">>> OBJECT: " + tmp);
+// }
+// }
+//
+// public void writeConfigToJSONDB() {
+//
+// try {
+// // find all getter methods
+// for (PropertyDescriptor pd : Introspector.getBeanInfo(NewAuthConfigurationProvider.class).getPropertyDescriptors()) {
+// // check if correct methods, and not annotated with @JsonIgnore
+// if ((pd.getReadMethod() != null)
+// && (!"class".equals(pd.getName()))
+// && (pd.getReadMethod().getAnnotation(JsonIgnore.class) == null)) {
+//
+// JsonProperty name = pd.getReadMethod().getAnnotation(JsonProperty.class);
+// // get result of get method
+// Object tmp;
+// try {
+// tmp = pd.getReadMethod().invoke(configProvider);
+// // convert result to JSON
+// if (name != null) {
+// configDataBase.set(name.value(), tmp);
+// } else {
+// System.out.println("CHECK if '" + pd.getDisplayName() + "' is NOT ANNOTATED");
+// }
+// } catch (IllegalAccessException | InvocationTargetException e) {
+// System.out.println("Problems while writing the configuration to the database.");
+// }
+// }
+// }
+//
+// // no static method handling needed
+//
+// } catch (IllegalArgumentException e) {
+// System.out.println("Problems while using reflection to get all getter methods.");
+// } catch (IntrospectionException e) {
+// System.out.println("Problems while using reflection to get all getter methods.");
+// }
+//
+// }
+//
+// public void readConfigFromDB() {
+// try {
+// // find all getter methods
+// for (PropertyDescriptor pd : Introspector.getBeanInfo(NewAuthConfigurationProvider.class)
+// .getPropertyDescriptors()) {
+// // check if correct methods, and not annotated with @JsonIgnore
+// if ((pd.getReadMethod() != null)
+// && (!"class".equals(pd.getName()))
+// && (pd.getReadMethod().getAnnotation(JsonIgnore.class) == null)) {
+// JsonProperty name = pd.getReadMethod().getAnnotation(JsonProperty.class);
+// // get result of get method
+// if (name != null) {
+// System.out.println(">>> OBJECT: " + configDataBase.get(name.value()));
+// } else {
+// System.out.println("CHECK if '" + pd.getDisplayName() + "' is NOT ANNOTATED");
+// }
+// }
+// }
+// } catch (IllegalArgumentException e) {
+// System.out.println("Problems while using reflection to get all getter methods.");
+// } catch (IntrospectionException e) {
+// System.out.println("Problems while using reflection to get all getter methods.");
+// }
+// }
+//
+//}
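Review bot: Every line of this new file is commented out, so the converter is dead text that no compiler or test checks, and it refers to types (`NewAuthConfigurationProvider`, `JaxBAuthConfigurationProvider`) whose presence this hunk does not show. If the migration tool is still needed, keep it as real code in a tools or test module; otherwise drop the file and rely on version history. Should it be revived, note that `readConfigFromDB` and `readExtractedConfigurationDBReadData` print whole configuration objects with `System.out.println(">>> OBJECT: " + ...)`, which would put configuration values on stdout. Those lines should go through the project `Logger` at debug level or be removed.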
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java
index 56cd36dcd..92d0856ba 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java
@@ -23,16 +23,14 @@
package at.gv.egovernment.moa.id.config.auth;
import java.security.PrivateKey;
+import java.util.Collection;
import java.util.List;
import java.util.Map;
-import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin;
-import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
-import at.gv.egovernment.moa.id.config.auth.data.BPKDecryptionParameters;
+import at.gv.egovernment.moa.id.config.auth.data.SAML1ConfigurationParameters;
+import at.gv.egovernment.moa.id.config.stork.CPEPS;
+import at.gv.egovernment.moa.id.config.stork.StorkAttribute;
+import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin;
/**
* @author tlenz
@@ -45,13 +43,33 @@ public interface IOAAuthParameters {
public static final String LOCALBKU = "local";
public static final String INDERFEDERATEDIDP = "interfederated";
+ /**
+ * Get the full key/value configuration for this online application
+ *
+ * @return an unmodifiable map of key/value pairs
+ */
+ public Map<String, String> getFullConfiguration();
+
+ /**
+ * Get a configuration value from online application key/value configuration
+ *
+ * @param key: The key identifier of a configuration value *
+ * @return The configuration value {String} or null if the key does not exist
+ */
+ public String getConfigurationValue(String key);
+
+ public String getFriendlyName();
public String getPublicURLPrefix();
+
+ public String getOaType();
public boolean getBusinessService();
public String getTarget();
+ public String getTargetFriendlyName();
+
public boolean isInderfederationIDP();
public boolean isSTORKPVPGateway();
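Review bot: `getFullConfiguration()` gives every holder of an `IOAAuthParameters` the complete key/value set of the online application, and its Javadoc does not say which keys that includes. If the map can carry sensitive entries (not visible in this hunk), callers that need one setting should use `getConfigurationValue(key)` or a typed getter. The Javadoc should say so, for example `Intended for diagnostics and serialisation; may contain sensitive values, do not log or return to clients.` The new `getFriendlyName()`, `getOaType()` and `getTargetFriendlyName()` also have no Javadoc stating whether they can return null. The interface body continues outside the hunk.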
@@ -66,34 +84,46 @@ public interface IOAAuthParameters {
*/
public String getKeyBoxIdentifier();
+ public SAML1ConfigurationParameters getSAML1Parameter();
+
/**
- * @return the transformsInfos
+ * Get a list of online application specific trusted security layer templates
+ *
+ * @return a {List<String>} with template URLs, maybe empty but never null
*/
- public List<String> getTransformsInfos();
-
- public OASAML1 getSAML1Parameter();
-
- public OAPVP2 getPVP2Parameter();
+ public List<String> getTemplateURL();
+
/**
- * @return the templateURL
+ * Return the additional AuthBlock text for this online application
+ *
+ * @return authblock text {String} or null if no text is configured
*/
- public List<TemplateType> getTemplateURL();
-
public String getAditionalAuthBlockText();
+ /**
+ * Return an online application specific BKU URL for a requested BKU type
+ *
+ * @param bkutype: defines the type of BKU
+ * @return BKU URL {String} or null if no BKU URL is configured
+ */
public String getBKUURL(String bkutype);
+ /**
+ * Return a list of all configured BKU URLs for this online application
+ *
+ * @return List<String> of BKU URLs or an empty list if no BKU is configured
+ */
public List<String> getBKUURL();
public boolean useSSO();
public boolean useSSOQuestion();
- public String getSingleLogOutURL();
-
/**
- * @return the mandateProfiles
+ * Return all mandate-profile types configured for this online application
+ *
+ * @return the mandateProfiles {List<String>} or null if no profile is defined
*/
public List<String> getMandateProfiles();
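Review bot: The list getters documented in this hunk do not share a null contract: `getTemplateURL()` and `getBKUURL()` promise a list that is never null, while `getMandateProfiles()` is documented as `null if no profile is defined`. A caller iterating the result has to remember which is which. Returning an empty list from `getMandateProfiles()` as well, documented as `@return the mandate profiles, maybe empty but never null`, would remove the special case, provided the implementation and any callers that test for null are adjusted. The braces in `{List<String>}` and `{String}` are also not Javadoc inline tags; `{@code List<String>}` renders correctly.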
@@ -117,20 +147,25 @@ public interface IOAAuthParameters {
public Integer getQaaLevel();
- /**
- * @return the requestedAttributes
- */
- public List<OAStorkAttribute> getRequestedAttributes();
-
public boolean isRequireConsentForStorkAttributes();
- public List<AttributeProviderPlugin> getStorkAPs();
+ /**
+ * Return a {Collection} of requested STORK attributes
+ *
+ * @return {Collection<StorkAttribute>} maybe empty but never null
+ */
+ public Collection<StorkAttribute> getRequestedSTORKAttributes();
public byte[] getBKUSelectionTemplate();
public byte[] getSendAssertionTemplate();
- public List<CPEPS> getPepsList();
+ /**
+ * Return a {Collection} of configured STORK CPEPS
+ *
+ * @return {Collection<CPEPS>} maybe empty but never null
+ */
+ public Collection<CPEPS> getPepsList();
public String getIDPAttributQueryServiceURL();
@@ -164,6 +199,13 @@ public interface IOAAuthParameters {
* @return
*/
boolean isPerformLocalAuthenticationOnInterfederationError();
+
+ /**
+ * Get a {Collection} of configured STORK attribute provider plug-ins
+ *
+ * @return {Collection<StorkAttributeProviderPlugins>} maybe empty but never null
+ */
+ public Collection<StorkAttributeProviderPlugin> getStorkAPs();
public List<Integer> getReversionsLoggingEventCodes();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index 451dedc31..d3292b021 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -49,135 +49,197 @@ package at.gv.egovernment.moa.id.config.auth;
import java.io.IOException;
import java.security.PrivateKey;
import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import java.util.Set;
import org.apache.commons.lang.SerializationUtils;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
-import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin;
-import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
-import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
-import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS;
-import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
-import at.gv.egovernment.moa.id.commons.db.dao.config.InterfederationGatewayType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.InterfederationIDPType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
-import at.gv.egovernment.moa.id.commons.db.dao.config.MandatesProfileNameItem;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TestCredentials;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
-import at.gv.egovernment.moa.id.config.ConfigurationUtils;
-import at.gv.egovernment.moa.id.config.OAParameter;
+import at.gv.egovernment.moa.id.commons.MOAIDConstants;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.commons.validation.TargetValidator;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.data.BPKDecryptionParameters;
+import at.gv.egovernment.moa.id.config.auth.data.SAML1ConfigurationParameters;
+import at.gv.egovernment.moa.id.config.stork.CPEPS;
+import at.gv.egovernment.moa.id.config.stork.STORKConfig;
+import at.gv.egovernment.moa.id.config.stork.StorkAttribute;
+import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin;
import at.gv.egovernment.moa.id.data.EncryptedData;
import at.gv.egovernment.moa.id.util.ConfigurationEncrytionUtil;
import at.gv.egovernment.moa.id.util.FormBuildUtils;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
+
+
/**
* Configuration parameters belonging to an online application,
* to use with the MOA ID Auth component.
*
- * @author Stefan Knirsch
- * @version $Id$
+ * @author Thomas Lenz
*/
-/**
- *
- *
- * @author Harald Bratko
- */
-public class OAAuthParameter extends OAParameter implements IOAAuthParameters {
-
- private AuthComponentOA oa_auth;
- private String keyBoxIdentifier;
- private InterfederationIDPType inderfederatedIDP = null;
- private InterfederationGatewayType interfederatedGateway = null;
+public class OAAuthParameter implements IOAAuthParameters {
- public OAAuthParameter(OnlineApplication oa) {
- super(oa);
+ final public static String DEFAULT_KEYBOXIDENTIFIER = "SecureSignatureKeypair";
- this.oa_auth = oa.getAuthComponentOA();
+ private Map<String, String> oaConfiguration;
- this.keyBoxIdentifier = oa.getKeyBoxIdentifier().value();
- this.inderfederatedIDP = oa.getInterfederationIDP();
-
- this.interfederatedGateway = oa.getInterfederationGateway();
+ public OAAuthParameter(final Map<String, String> oa) {
+ this.oaConfiguration = oa;
}
+ public Map<String, String> getFullConfiguration() {
+ return Collections.unmodifiableMap(this.oaConfiguration);
+ }
+
+ public String getConfigurationValue(String key) {
+ return this.oaConfiguration.get(key);
+ }
+
+
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getIdentityLinkDomainIdentifier()
*/
@Override
public String getIdentityLinkDomainIdentifier() {
+ String type = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE);
+ String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE);
+ if (MiscUtil.isNotEmpty(type) && MiscUtil.isNotEmpty(value)) {
+ if (MOAIDConstants.IDENIFICATIONTYPE_STORK.equals(type)) {
+ return MOAIDConstants.PREFIX_STORK + "AT" + "+" + value;
+
+ } else {
+ return MOAIDConstants.PREFIX_WPBK + type + "+" + value;
+
+ }
+ }
- IdentificationNumber idnumber = oa_auth.getIdentificationNumber();
- if (idnumber != null)
- return idnumber.getValue();
-
return null;
}
/* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getKeyBoxIdentifier()
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getIdentityLinkDomainIdentifierType()
*/
@Override
-public String getKeyBoxIdentifier() {
+public String getIdentityLinkDomainIdentifierType() {
+ String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE);
+ if (MiscUtil.isNotEmpty(value))
+ return MOAIDConfigurationConstants.BUSINESSSERVICENAMES.get(value);
- return keyBoxIdentifier;
+ else
+ return null;
+}
+
+/* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTarget()
+ */
+@Override
+public String getTarget() {
+ if (Boolean.parseBoolean(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_OWN)))
+ return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_TARGET);
+
+ else {
+ if (Boolean.parseBoolean(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_SUB))) {
+ return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET)
+ + "-"
+ + oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB);
+
+ } else {
+ return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET);
+ }
+ }
}
/* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTransformsInfos()
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTargetFriendlyName()
*/
@Override
-public List<String> getTransformsInfos() {
+public String getTargetFriendlyName() {
+ if (Boolean.parseBoolean(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_OWN)))
+ return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME);
+
+ else
+ return TargetValidator.getTargetFriendlyName(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET));
+
+}
+
+/* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getKeyBoxIdentifier()
+ */
+@Override
+public String getKeyBoxIdentifier() {
+ String keyBoxId = oaConfiguration.get(
+ MOAIDConfigurationConstants.SERVICE_AUTH_BKU_KEYBOXIDENTIFIER);
+ if (MiscUtil.isNotEmpty(keyBoxId))
+ return keyBoxId;
+ else
+ return DEFAULT_KEYBOXIDENTIFIER;
- List<TransformsInfoType> transformations = oa_auth.getTransformsInfo();
- return ConfigurationUtils.getTransformInfos(transformations);
}
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getSAML1Parameter()
*/
@Override
- public OASAML1 getSAML1Parameter() {
- return oa_auth.getOASAML1();
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getPVP2Parameter()
- */
- @Override
- public OAPVP2 getPVP2Parameter() {
- return oa_auth.getOAPVP2();
+ public SAML1ConfigurationParameters getSAML1Parameter() {
+ SAML1ConfigurationParameters returnValue = new SAML1ConfigurationParameters();
+ if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_ENABLED))
+ returnValue.setActive(
+ Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_ENABLED)));
+
+ if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_AUTHBLOCK))
+ returnValue.setProvideAuthBlock(
+ Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_AUTHBLOCK)));
+
+ if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_IDL))
+ returnValue.setProvideIdl(
+ Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_IDL)));
+
+ if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_BASEID))
+ returnValue.setProvideBaseId(
+ Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_BASEID)));
+
+ if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_CERTIFICATE))
+ returnValue.setProvideCertificate(
+ Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_CERTIFICATE)));
+
+ if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_MANDATE))
+ returnValue.setProvideMandate(
+ Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_MANDATE)));
+
+ if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_RETURNERROR))
+ returnValue.setProvideAllErrors(
+ Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_RETURNERROR)));
+
+ return returnValue;
}
-
+
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTemplateURL()
*/
@Override
- public List<TemplateType> getTemplateURL() {
- TemplatesType templates = oa_auth.getTemplates();
-
- if (templates != null) {
- if (templates.getTemplate() != null) {
- return templates.getTemplate();
- }
- }
- return null;
+ public List<String> getTemplateURL() {
+ List<String> list = new ArrayList<String>();
+
+ if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE))
+ list.add(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE));
+
+ if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE))
+ list.add(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE));
+
+ if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE))
+ list.add(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE));
+
+ return list;
}
/* (non-Javadoc)
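Review bot: `getTarget()` builds the sub-target form by plain concatenation, so when `SERVICE_AUTH_TARGET_PUBLIC_USE_SUB` is true and either the target or the sub-target key is absent, the method returns text such as `"null-null"` instead of null. The target presumably feeds identifier derivation (not visible in this hunk), so a literal "null" must not pass as a configured value. Check both parts before joining, as sketched below; falling back to the plain target is one option, returning null after the warning is another. Separately, the constructor keeps the caller's map by reference (`this.oaConfiguration = oa;`), so the unmodifiable view from `getFullConfiguration()` still changes if the caller mutates its map; a defensive copy in the constructor would close that.

```java
public String getTarget() {
	// … unchanged: SERVICE_AUTH_TARGET_PUBLIC_USE_OWN branch …
	String target = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET);
	String subTarget = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB);
	boolean useSub = Boolean.parseBoolean(
			oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_SUB));

	if (useSub && MiscUtil.isNotEmpty(target) && MiscUtil.isNotEmpty(subTarget)) {
		return target + "-" + subTarget;
	}
	if (useSub) {
		// never emit "null-<sub>" or "<target>-null"
		Logger.warn("Sub-target is enabled but target or sub-target is not configured.");
	}
	return target;
}
```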
@@ -185,12 +247,8 @@ public List<String> getTransformsInfos() {
*/
@Override
public String getAditionalAuthBlockText() {
- TemplatesType templates = oa_auth.getTemplates();
-
- if (templates != null) {
- return templates.getAditionalAuthBlockText();
- }
- return null;
+ return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT);
+
}
/* (non-Javadoc)
@@ -198,16 +256,17 @@ public List<String> getTransformsInfos() {
*/
@Override
public String getBKUURL(String bkutype) {
- BKUURLS bkuurls = oa_auth.getBKUURLS();
- if (bkuurls != null) {
- if (bkutype.equals(ONLINEBKU))
- return bkuurls.getOnlineBKU();
- else if (bkutype.equals(HANDYBKU))
- return bkuurls.getHandyBKU();
- else if (bkutype.equals(LOCALBKU))
- return bkuurls.getLocalBKU();
+ if (bkutype.equals(ONLINEBKU)) {
+ return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE);
+
+ } else if (bkutype.equals(HANDYBKU)) {
+ return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY);
+
+ } else if (bkutype.equals(LOCALBKU)) {
+ return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL);
}
+
Logger.warn("BKU Type does not match: "
+ ONLINEBKU + " or " + HANDYBKU + " or " + LOCALBKU);
return null;
@@ -217,19 +276,18 @@ public List<String> getTransformsInfos() {
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getBKUURL()
*/
@Override
- public List<String> getBKUURL() {
- BKUURLS bkuurls = oa_auth.getBKUURLS();
-
+ public List<String> getBKUURL() {
List<String> list = new ArrayList<String>();
- if (bkuurls == null) {
- Logger.warn("BKU Type does not match: "
- + ONLINEBKU + " or " + HANDYBKU + " or " + LOCALBKU);
- } else {
- list.add(bkuurls.getOnlineBKU());
- list.add(bkuurls.getHandyBKU());
- list.add(bkuurls.getLocalBKU());
- }
+ if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE))
+ list.add(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE));
+
+ if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY))
+ list.add(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY));
+
+ if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL))
+ list.add(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL));
+
return list;
}
@@ -239,11 +297,14 @@ public List<String> getTransformsInfos() {
*/
@Override
public boolean useSSO() {
- OASSO sso = oa_auth.getOASSO();
- if (sso != null)
- return sso.isUseSSO();
- else
+ try {
+ return Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_SSO_ENABLED));
+
+ } catch (Exception e) {
+ Logger.warn("Use SSO configuration parameter is not parseable.", e);
return false;
+ }
+
}
/* (non-Javadoc)
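Review bot: The `catch (Exception e)` in `useSSO()` can never run, because `Boolean.valueOf(String)` does not throw: it returns false for null and for any text other than "true". That is harmless here since the fallback is also false, but in `useSSOQuestion()` and `isShowMandateCheckBox()` in the next hunk the same pattern makes the `return true` fallback unreachable, so a missing key now yields false where the removed code returned true. For those two, test for presence first, e.g. `String v = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_SSO_USERREQUEST); return MiscUtil.isNotEmpty(v) ? Boolean.parseBoolean(v) : true;`. The dead try/catch also appears in `isOnlyMandateAllowed()` and `isShowStorkLogin()` further down and can be dropped there.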
@@ -251,86 +312,48 @@ public List<String> getTransformsInfos() {
*/
@Override
public boolean useSSOQuestion() {
- OASSO sso = oa_auth.getOASSO();
- if (sso != null)
- return sso.isAuthDataFrame();
- else
+ try {
+ return Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_SSO_USERREQUEST));
+
+ } catch (Exception e) {
+ Logger.warn("SSO user question configuration parameter is not parseable.", e);
return true;
-
+ }
}
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getSingleLogOutURL()
- */
- @Override
- public String getSingleLogOutURL() {
- OASSO sso = oa_auth.getOASSO();
- if (sso != null)
- return sso.getSingleLogOutURL();
- else
- return null;
- }
-
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getMandateProfiles()
*/
@Override
public List<String> getMandateProfiles() {
+ String profileConfig = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_PROFILES);
+
+ if (MiscUtil.isNotEmpty(profileConfig)) {
+ List<String> list = new ArrayList<String>();
+ String profilesArray[] = profileConfig.split(",");
+ for(int i = 0; i < profilesArray.length; i++) {
+ list.add(profilesArray[i].trim());
+
+ }
+ return list;
+
+ }
- Mandates mandates = oa_auth.getMandates();
-
- List<String> list = new ArrayList<String>();
-
- if (mandates != null) {
- String oldProfilList = mandates.getProfiles();
-
- List<MandatesProfileNameItem> profileList = mandates.getProfileNameItems();
- for (MandatesProfileNameItem el : profileList) {
- list.add(el.getItem());
-
- }
-
- //only for RC1
- if (MiscUtil.isNotEmpty(oldProfilList)) {
- String profilesArray[] = oldProfilList.split(",");
- for(int i = 0; i < profilesArray.length; i++) {
- list.add(profilesArray[i].trim());
- }
- }
-
- return list;
-
- } else
- return null;
-}
-
-/* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getIdentityLinkDomainIdentifierType()
- */
-@Override
-public String getIdentityLinkDomainIdentifierType() {
- IdentificationNumber idnumber = oa_auth.getIdentificationNumber();
- if (idnumber != null)
- return idnumber.getType();
-
return null;
}
-
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isShowMandateCheckBox()
*/
@Override
public boolean isShowMandateCheckBox() {
- TemplatesType templates = oa_auth.getTemplates();
- if (templates != null) {
- BKUSelectionCustomizationType bkuselection = templates.getBKUSelectionCustomization();
- if (bkuselection != null) {
- if (bkuselection.isMandateLoginButton() != null)
- return bkuselection.isMandateLoginButton();
- }
+ try {
+ return Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_USE));
+
+ } catch (Exception e) {
+ Logger.warn("Enable mandates configuration parameter is not parseable.", e);
+ return true;
}
- return true;
}
/* (non-Javadoc)
@@ -338,15 +361,13 @@ public boolean isShowMandateCheckBox() {
*/
@Override
public boolean isOnlyMandateAllowed() {
- TemplatesType templates = oa_auth.getTemplates();
- if (templates != null) {
- BKUSelectionCustomizationType bkuselection = templates.getBKUSelectionCustomization();
- if (bkuselection != null) {
- if (bkuselection.isOnlyMandateLoginAllowed() != null)
- return bkuselection.isOnlyMandateLoginAllowed();
- }
+ try {
+ return Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_ONLY));
+
+ } catch (Exception e) {
+ Logger.warn("Use ONLY mandates configuration parameter is not parseable.", e);
+ return false;
}
- return false;
}
/* (non-Javadoc)
@@ -355,9 +376,10 @@ public boolean isOnlyMandateAllowed() {
@Override
public boolean isShowStorkLogin() {
try {
- return oa_auth.getOASTORK().isStorkLogonEnabled();
-
- } catch (NullPointerException e) {
+ return Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ENABLED));
+
+ } catch (Exception e) {
+ Logger.warn("Enable STORK login configuration parameter is not parseable.", e);
return false;
}
}
@@ -366,54 +388,46 @@ public boolean isOnlyMandateAllowed() {
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getFormCustomizaten()
*/
@Override
-public Map<String, String> getFormCustomizaten() {
- TemplatesType templates = oa_auth.getTemplates();
-
+public Map<String, String> getFormCustomizaten() {
Map<String, String> map = new HashMap<String, String>();
map.putAll(FormBuildUtils.getDefaultMap());
- if (templates != null) {
- BKUSelectionCustomizationType bkuselection = templates.getBKUSelectionCustomization();
- if (bkuselection != null) {
- if (MiscUtil.isNotEmpty(bkuselection.getBackGroundColor()))
- map.put(FormBuildUtils.MAIN_BACKGROUNDCOLOR, bkuselection.getBackGroundColor());
-
- if (MiscUtil.isNotEmpty(bkuselection.getButtonBackGroundColor()))
- map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR, bkuselection.getButtonBackGroundColor());
-
- if (MiscUtil.isNotEmpty(bkuselection.getButtonBackGroundColorFocus()))
- map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR_FOCUS, bkuselection.getButtonBackGroundColorFocus());
-
- if (MiscUtil.isNotEmpty(bkuselection.getButtonFontColor()))
- map.put(FormBuildUtils.BUTTON_COLOR, bkuselection.getButtonFontColor());
-
- if (MiscUtil.isNotEmpty(bkuselection.getFontType()))
- map.put(FormBuildUtils.FONTFAMILY, bkuselection.getFontType());
-
- if (MiscUtil.isNotEmpty(bkuselection.getFrontColor()))
- map.put(FormBuildUtils.MAIN_COLOR, bkuselection.getFrontColor());
-
- if (MiscUtil.isNotEmpty(bkuselection.getHeaderBackGroundColor()))
- map.put(FormBuildUtils.HEADER_BACKGROUNDCOLOR, bkuselection.getHeaderBackGroundColor());
-
- if (MiscUtil.isNotEmpty(bkuselection.getHeaderFrontColor()))
- map.put(FormBuildUtils.HEADER_COLOR, bkuselection.getHeaderFrontColor());
-
- if (MiscUtil.isNotEmpty(bkuselection.getHeaderText()))
- map.put(FormBuildUtils.HEADER_TEXT, bkuselection.getHeaderText());
-
- if (MiscUtil.isNotEmpty(bkuselection.getAppletRedirectTarget()))
- map.put(FormBuildUtils.REDIRECTTARGET, bkuselection.getAppletRedirectTarget());
-
- if (MiscUtil.isNotEmpty(bkuselection.getAppletHeight()))
- map.put(FormBuildUtils.APPLET_HEIGHT, bkuselection.getAppletHeight());
-
- if (MiscUtil.isNotEmpty(bkuselection.getAppletWidth()))
- map.put(FormBuildUtils.APPLET_WIDTH, bkuselection.getAppletWidth());
-
- }
- }
+ if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR)))
+ map.put(FormBuildUtils.MAIN_BACKGROUNDCOLOR, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR));
+
+ if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACKGROUNDCOLOR)))
+ map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACKGROUNDCOLOR));
+
+ if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACLGROUNDCOLORFOCUS)))
+ map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR_FOCUS, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACLGROUNDCOLORFOCUS));
+
+ if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONFRONTCOLOR)))
+ map.put(FormBuildUtils.BUTTON_COLOR, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONFRONTCOLOR));
+ if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE)))
+ map.put(FormBuildUtils.FONTFAMILY, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE));
+
+ if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FRONTCOLOR)))
+ map.put(FormBuildUtils.MAIN_COLOR, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FRONTCOLOR));
+
+ if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERBACKGROUNDCOLOR)))
+ map.put(FormBuildUtils.HEADER_BACKGROUNDCOLOR, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERBACKGROUNDCOLOR));
+
+ if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERFRONTCOLOR)))
+ map.put(FormBuildUtils.HEADER_COLOR, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERFRONTCOLOR));
+
+ if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT)))
+ map.put(FormBuildUtils.HEADER_TEXT, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT));
+
+ if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET)))
+ map.put(FormBuildUtils.REDIRECTTARGET, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET));
+
+ if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT)))
+ map.put(FormBuildUtils.APPLET_HEIGHT, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT));
+
+ if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH)))
+ map.put(FormBuildUtils.APPLET_WIDTH, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH));
+
return map;
}
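Review bot: `getFormCustomizaten()` repeats the same lookup-test-put pattern twelve times, each reading the configuration key twice, which makes a mismatched key pair easy to miss in review. A private helper such as `putIfConfigured(map, FormBuildUtils.HEADER_TEXT, MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT)` that reads the value once and puts it only when `MiscUtil.isNotEmpty` holds would reduce the body to one line per entry. The values are copied verbatim from configuration. Whether `FormBuildUtils` encodes them before they reach the HTML form is not visible here and is worth confirming for the header text and the redirect target.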
@@ -422,21 +436,75 @@ public Map<String, String> getFormCustomizaten() {
*/
@Override
public Integer getQaaLevel() {
- if (oa_auth.getOASTORK() != null &&
- oa_auth.getOASTORK().getQaa() != null &&
- oa_auth.getOASTORK().getQaa() >= 1 &&
- oa_auth.getOASTORK().getQaa() <= 4)
- return oa_auth.getOASTORK().getQaa();
- else
+ try {
+ Integer storkQAALevel = Integer.parseInt(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL));
+
+ if (storkQAALevel >= 1 &&
+ storkQAALevel <= 4)
+ return storkQAALevel;
+
+ else {
+ Logger.info("STORK minimal QAA level is not in a valid range. Use minimal QAA 4");
+ return 4;
+
+ }
+
+ } catch (NumberFormatException e) {
+ Logger.warn("STORK minimal QAA level is not a number.", e);
return 4;
+
+ }
}
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getRequestedAttributes()
*/
@Override
-public List<OAStorkAttribute> getRequestedAttributes() {
- return oa_auth.getOASTORK().getOAAttributes();
+public Collection<StorkAttribute> getRequestedSTORKAttributes() {
+ Map<String, Integer> attrMap = new HashMap<String, Integer>();
+ Map<String, StorkAttribute> resultMap = new HashMap<String, StorkAttribute>();
+
+ Set<String> configKeys = oaConfiguration.keySet();
+ for (String el : configKeys) {
+ if (el.startsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST)) {
+ String index = KeyValueUtils.getFirstChildAfterPrefix(el, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST);
+ if (!attrMap.containsKey(index)) {
+ String isRequested = oaConfiguration.get(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + index + "."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_REQUESTED);
+
+ if (MiscUtil.isNotEmpty(isRequested) && Boolean.parseBoolean(isRequested)) {
+ StorkAttribute attr = new StorkAttribute(
+ oaConfiguration.get(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + index + "."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME),
+ Boolean.valueOf(oaConfiguration.get(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ + "." + index + "."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY)));
+ attrMap.put(index, 0);
+ resultMap.put(attr.getName(), attr);
+ }
+ }
+ }
+ }
+
+ //add mandatory attributes from general config
+ try {
+ for (StorkAttribute el : AuthConfigurationProviderFactory.getInstance().getStorkConfig().getStorkAttributes()) {
+ if (el.getMandatory())
+ resultMap.put(el.getName(), el);
+
+ }
+
+ } catch (Exception e) {
+ Logger.warn("Mandatory STORK attributes can not added.", e);
+
+ }
+
+ return resultMap.values();
}
/* (non-Javadoc)
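Review bot: The `catch (Exception e)` at the end of `getRequestedSTORKAttributes()` turns any failure to read the general STORK config into a warning, and the method then returns the attribute set without the globally mandatory attributes. `getPepsList()` in this same file null-checks `getStorkConfig()` before using it, but here a null result becomes a NullPointerException that the broad catch swallows. I would add the same `if (storkConfig != null)` guard, catch only `ConfigurationException`, and log it with `Logger.error("Mandatory STORK attributes can not be added.", e);` so a degraded request is visible to operators. Separately, `resultMap.put(attr.getName(), attr)` can store a null key when the `name` entry is missing for a requested index, so an `isNotEmpty` check on the name belongs before the put.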
@@ -447,12 +515,17 @@ public boolean isRequireConsentForStorkAttributes() {
try{
if (isSTORKPVPGateway())
return false;
+
+ if (MiscUtil.isEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_REQUIRECONSENT))) {
+ Logger.info("isRequireConsentForStorkAttributes() is empty, returning default value 'true'");
+ return true;
+
+ }
- return oa_auth.getOASTORK().isRequireConsent();
+ return Boolean.parseBoolean(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_REQUIRECONSENT));
}catch(Exception e)
{
- e.printStackTrace();
- Logger.warn("isRequireConsentForStorkAttributes() failed, returning default value 'true'");
+ Logger.warn("isRequireConsentForStorkAttributes() failed, returning default value 'true'", e);
return true;
}
}
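Review bot: `Boolean.parseBoolean(...)` on the consent flag returns false for every value other than the string "true", so a typo or a value such as "yes" or "1" switches consent off, although the empty-value branch and the catch both default to `true`. To keep the fail-safe default consistent, only an explicit false should disable consent, for example `return !"false".equalsIgnoreCase(value.trim());` after reading the value once into a local `value`. That also avoids the second `oaConfiguration.get(...)` call. The method signature is outside this hunk.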
@@ -461,14 +534,32 @@ public boolean isRequireConsentForStorkAttributes() {
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getStorkAPs()
*/
@Override
-public List<AttributeProviderPlugin> getStorkAPs() {
- if (oa_auth.getOASTORK() != null &&
- oa_auth.getOASTORK().getAttributeProviders() != null)
- return oa_auth.getOASTORK().getAttributeProviders();
-
- else
- return new ArrayList<AttributeProviderPlugin>();
-
+public Collection<StorkAttributeProviderPlugin> getStorkAPs() {
+ Map<String, StorkAttributeProviderPlugin> pluginMap = new HashMap<String, StorkAttributeProviderPlugin>();
+ Set<String> configKeys = oaConfiguration.keySet();
+ for (String el : configKeys) {
+ if (el.startsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST)) {
+ String index = KeyValueUtils.getFirstChildAfterPrefix(el, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST);
+ if (!pluginMap.containsKey(index)) {
+ StorkAttributeProviderPlugin attr = new StorkAttributeProviderPlugin(
+ oaConfiguration.get(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST
+ + "." + index + "."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME),
+ oaConfiguration.get(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST
+ + "." + index + "."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_URL),
+ oaConfiguration.get(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST
+ + "." + index + "."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_ATTRIBUTES));
+ pluginMap.put(index, attr);
+ }
+ }
+ }
+
+ return pluginMap.values();
}
/* (non-Javadoc)
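Review bot: `getStorkAPs()` builds a `StorkAttributeProviderPlugin` for every index it finds without checking that the `name` and `url` entries exist, so a partially configured index yields a plugin with null fields that only fails later, at the caller. An `if (MiscUtil.isNotEmpty(name) && MiscUtil.isNotEmpty(url))` guard before `pluginMap.put(index, attr)`, with a `Logger.warn` naming the skipped index, would keep incomplete entries out of the result. If the URL is later used to contact the attribute provider, this would presumably also be the place to reject values that are not well-formed URLs. The return type changes from `List` to a `HashMap` value view, so callers should not rely on the configured order.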
@@ -476,11 +567,16 @@ public List<AttributeProviderPlugin> getStorkAPs() {
*/
@Override
public byte[] getBKUSelectionTemplate() {
-
- TemplatesType templates = oa_auth.getTemplates();
- if (templates != null && templates.getBKUSelectionTemplate() != null) {
- return templates.getBKUSelectionTemplate().getTransformation();
-
+ try {
+ String bkuSelectionTemplateBase64 = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA);
+ if (MiscUtil.isNotEmpty(bkuSelectionTemplateBase64)) {
+ return Base64Utils.decode(bkuSelectionTemplateBase64, false);
+
+ }
+
+ } catch (Exception e) {
+ Logger.warn("OA specific BKU selection template is not decodeable", e);
+
}
return null;
@@ -491,11 +587,16 @@ public byte[] getBKUSelectionTemplate() {
*/
@Override
public byte[] getSendAssertionTemplate() {
-
- TemplatesType templates = oa_auth.getTemplates();
- if (templates != null && templates.getSendAssertionTemplate() != null) {
- return templates.getSendAssertionTemplate().getTransformation();
-
+ try {
+ String bkuSelectionTemplateBase64 = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA);
+ if (MiscUtil.isNotEmpty(bkuSelectionTemplateBase64)) {
+ return Base64Utils.decode(bkuSelectionTemplateBase64, false);
+
+ }
+
+ } catch (Exception e) {
+ Logger.warn("OA specific BKU selection template is not decodeable", e);
+
}
return null;
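Review bot: The body of `getSendAssertionTemplate()` is a copy of `getBKUSelectionTemplate()` and still logs "OA specific BKU selection template is not decodeable" and names its local `bkuSelectionTemplateBase64`, which will mislead whoever reads the log when the send-assertion template is the broken one. I would rename the local to `sendAssertionTemplateBase64` and change the message to `Logger.warn("OA specific send-assertion template is not decodeable", e);`. In both methods the `catch (Exception e)` could be narrowed to the `IOException` that `Base64Utils.decode` is caught for in `getBPKDecBpkDecryptionKey()` further down. The closing brace of the method is outside this hunk.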
@@ -505,8 +606,41 @@ public byte[] getSendAssertionTemplate() {
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getPepsList()
*/
@Override
-public List<CPEPS> getPepsList() {
- return new ArrayList<CPEPS>(oa_auth.getOASTORK().getCPEPS());
+public Collection<CPEPS> getPepsList() {
+ Map<String, CPEPS> cPEPSMap = new HashMap<String, CPEPS>();
+ try {
+ STORKConfig availableSTORKConfig = AuthConfigurationProviderFactory.getInstance().getStorkConfig();
+ if (availableSTORKConfig != null) {
+ Set<String> configKeys = oaConfiguration.keySet();
+
+ for (String el : configKeys) {
+ if (el.startsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST)) {
+ String index = KeyValueUtils.getFirstChildAfterPrefix(el, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST);
+ if (!cPEPSMap.containsKey(index)) {
+ if (Boolean.parseBoolean(oaConfiguration.get(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+ + "." + index + "."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_ENABLED))) {
+ CPEPS availableCPEPS = availableSTORKConfig.getCPEPS(
+ oaConfiguration.get(
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+ + "." + index + "."
+ + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE));
+
+ if (availableCPEPS != null)
+ cPEPSMap.put(index, availableCPEPS);
+ }
+ }
+ }
+ }
+ }
+
+ } catch (ConfigurationException e) {
+ Logger.error("MOA-ID configuration is not accessable.", e);
+
+ }
+
+ return cPEPSMap.values();
}
/* (non-Javadoc)
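Review bot: The `!cPEPSMap.containsKey(index)` guard in `getPepsList()` only short-circuits for indices that were actually added, so a disabled country, or one unknown to the general STORK config, is looked up again for every key stored under that index. Keeping the visited indices in a separate `Set<String> seen` and testing `seen.add(index)` would evaluate each index once. The same pattern appears in `getRequestedSTORKAttributes()`, where `attrMap` is filled only for requested attributes. The country code passed to `getCPEPS(...)` is also not checked for emptiness before the lookup.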
@@ -514,52 +648,53 @@ public List<CPEPS> getPepsList() {
*/
@Override
public String getIDPAttributQueryServiceURL() {
- if (inderfederatedIDP != null)
- return inderfederatedIDP.getAttributeQueryURL();
-
- else
- return null;
-
+ return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_ATTRIBUTQUERY_URL);
+
}
@Override
public boolean isInboundSSOInterfederationAllowed() {
- if (inderfederatedIDP != null)
- return inderfederatedIDP.isInboundSSO();
+ String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_INBOUND);
+ if (MiscUtil.isNotEmpty(value))
+ return Boolean.parseBoolean(value);
else
return false;
}
@Override
public boolean isOutboundSSOInterfederationAllowed() {
- if (inderfederatedIDP != null)
- return inderfederatedIDP.isOutboundSSO();
+ String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_OUTBOUND);
+ if (MiscUtil.isNotEmpty(value))
+ return Boolean.parseBoolean(value);
else
return false;
}
@Override
public boolean isPassivRequestUsedForInterfederation() {
- if (inderfederatedIDP != null)
- return inderfederatedIDP.isPerformPassivRequest().booleanValue();
+ String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_PASSIVEREQUEST);
+ if (MiscUtil.isNotEmpty(value))
+ return Boolean.parseBoolean(value);
else
- return false;
+ return false;
}
@Override
public boolean isPerformLocalAuthenticationOnInterfederationError() {
- if (inderfederatedIDP != null)
- return inderfederatedIDP.isPerformLocalAuthenticationOnError().booleanValue();
+ String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_LOCALAUTHONERROR);
+ if (MiscUtil.isNotEmpty(value))
+ return Boolean.parseBoolean(value);
else
return false;
}
@Override
public boolean isInterfederationSSOStorageAllowed() {
- if (inderfederatedIDP != null)
- return inderfederatedIDP.isStoreSSOSession().booleanValue();
+ String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_STORE);
+ if (MiscUtil.isNotEmpty(value))
+ return Boolean.parseBoolean(value);
else
- return false;
+ return false;
}
public boolean isIDPPublicService() {
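Review bot: The five interfederation flags here repeat the same read, `isNotEmpty` and `parseBoolean` sequence with a `false` default, and the pattern recurs in `isTestCredentialEnabled()`, `getBusinessService()` and `isRemovePBKFromAuthBlock()` in later hunks. A single private helper taking the key and the default would make the fail-safe default of each flag explicit in one place and remove the risk of one copy drifting. The old code returned false whenever no interfederation IDP object existed, while the new code honours the key for any service entry; it is worth confirming that this is intended. The body of `isIDPPublicService()` lies outside this hunk.
```java
// helper shared by the boolean service flags
private boolean getBooleanConfig(String key, boolean defaultValue) {
    String value = oaConfiguration.get(key);
    return MiscUtil.isNotEmpty(value) ? Boolean.parseBoolean(value) : defaultValue;
}

@Override
public boolean isInboundSSOInterfederationAllowed() {
    return getBooleanConfig(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_INBOUND, false);
}
// … the other four interfederation flags delegate the same way with their own key …
```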
@@ -569,11 +704,7 @@ public boolean isIDPPublicService() {
public String getSTORKPVPForwardEntity() {
- if (interfederatedGateway != null) {
- return interfederatedGateway.getForwardIDPIdentifier();
-
- } else
- return null;
+ return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER);
}
@@ -582,11 +713,11 @@ public String getSTORKPVPForwardEntity() {
*/
@Override
public boolean isTestCredentialEnabled() {
- TestCredentials testing = oa_auth.getTestCredentials();
- if (testing != null && testing.isEnableTestCredentials())
- return true;
+ String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_ENABLED);
+ if (MiscUtil.isNotEmpty(value))
+ return Boolean.parseBoolean(value);
else
- return false;
+ return false;
}
@@ -595,10 +726,17 @@ public boolean isTestCredentialEnabled() {
*/
@Override
public List<String> getTestCredentialOIDs() {
- TestCredentials testing = oa_auth.getTestCredentials();
- if (testing != null && testing.getCredentialOID().size() > 0)
- return testing.getCredentialOID();
- else
+ String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_ENABLED);
+ if (MiscUtil.isNotEmpty(value)) {
+ List<String> list = new ArrayList<String>();
+ String profilesArray[] = value.split(",");
+ for(int i = 0; i < profilesArray.length; i++) {
+ list.add(profilesArray[i].trim());
+
+ }
+ return list;
+
+ } else
return null;
}
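Review bot: `getTestCredentialOIDs()` reads `SERVICE_AUTH_TESTCREDENTIALS_ENABLED`, the same key `isTestCredentialEnabled()` parses as a boolean, and splits it on commas, so the returned "OID list" is just `["true"]` or `["false"]`. This looks like a copy-paste of the key; the lookup should use the constant that holds the OID list, e.g. `oaConfiguration.get(MOAIDConfigurationConstants.<TEST_CREDENTIAL_OIDS_KEY>)` (placeholder, the real constant name is not visible in this diff). Since this list presumably decides which test certificates are accepted, it deserves a unit test with a configured OID value. Returning `null` for the empty case also forces a null check on every caller, where an empty list would not.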
@@ -611,8 +749,11 @@ public PrivateKey getBPKDecBpkDecryptionKey() {
try {
EncryptedData encdata = new EncryptedData(
- oa_auth.getEncBPKInformation().getBPKDecryption().getKeyInformation(),
- oa_auth.getEncBPKInformation().getBPKDecryption().getIv());
+ Base64Utils.decode(
+ oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_FOREIGNBPK_DECRYPT_BLOB), false),
+ Base64Utils.decode(
+ oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_FOREIGNBPK_DECRYPT_IV), false));
+
byte[] serializedData = ConfigurationEncrytionUtil.getInstance().decrypt(encdata);
BPKDecryptionParameters data =
(BPKDecryptionParameters) SerializationUtils.deserialize(serializedData);
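Review bot: Both `Base64Utils.decode(oaConfiguration.get(...), false)` calls receive null when the foreign-bPK keys are not configured, and the method then relies on the existing `catch (NullPointerException e)` to report "No keyInformation found". An explicit `MiscUtil.isNotEmpty` check on the blob and the IV before decoding, returning null with that log message, would separate "not configured" from a genuine null dereference elsewhere in the try block. The decrypted bytes are then passed to `SerializationUtils.deserialize`, so the result is only as trustworthy as the integrity protection of the stored blob; if `ConfigurationEncrytionUtil` does not authenticate the ciphertext, that is worth confirming now that the value comes from the key-value store. The method starts and ends outside this hunk.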
@@ -620,25 +761,106 @@ public PrivateKey getBPKDecBpkDecryptionKey() {
return data.getPrivateKey();
} catch (BuildException e) {
- // TODO Auto-generated catch block
Logger.error("Can not decrypt key information for bPK decryption", e);
} catch (NullPointerException e) {
Logger.error("No keyInformation found for bPK decryption");
- }
+ } catch (IOException e) {
+ Logger.error("Can not decode key information for bPK decryption.", e);
+ }
+
return null;
}
/* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getPublicURLPrefix()
+ */
+@Override
+public String getPublicURLPrefix() {
+ return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER);
+}
+
+
+/* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getBusinessService()
+ */
+@Override
+public boolean getBusinessService() {
+ String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE);
+ if (MiscUtil.isNotEmpty(value))
+ return Boolean.parseBoolean(value);
+ else
+ return true;
+}
+
+/* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isInderfederationIDP()
+ */
+@Override
+public boolean isInderfederationIDP() {
+ String value = oaConfiguration.get(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES);
+ return MOAIDConfigurationConstants.PREFIX_IIDP.equals(value);
+
+}
+
+
+/* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isSTORKPVPGateway()
+ */
+@Override
+public boolean isSTORKPVPGateway() {
+ String value = oaConfiguration.get(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES);
+ return MOAIDConfigurationConstants.PREFIX_GATEWAY.equals(value);
+}
+
+
+
+
+
+/* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getFriendlyName()
+ */
+@Override
+public String getFriendlyName() {
+ return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME);
+}
+
+
+/* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getOaType()
+ */
+@Override
+public String getOaType() {
+ if (getBusinessService())
+ return "businessService";
+ else
+ return "publicService";
+}
+
+
+/**
+ *
+ * @return true/false if bPK or wbPK should not be visible in AuthBlock
+ */
+public boolean isRemovePBKFromAuthBlock() {
+ String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCK_REMOVEBPK);
+ if (MiscUtil.isNotEmpty(value))
+ return Boolean.parseBoolean(value);
+ else
+ return false;
+}
+
+
+/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getReversionsLoggingEventCodes()
*/
@Override
public List<Integer> getReversionsLoggingEventCodes() {
- // TODO !!!!!
- return MOAReversionLogger.getInstance().getDefaulttReversionsLoggingEventCodes();
+ // TODO Auto-generated method stub
+ return null;
}
}
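Review bot: `getReversionsLoggingEventCodes()` now returns `null` behind a "TODO Auto-generated method stub" comment, where it previously returned the default event codes from `MOAReversionLogger`. Any caller that iterates the result will throw, and a caller that treats null as "nothing to log" would silently stop writing revision-log events for this service, which is an audit gap. Until the per-service list is read from `oaConfiguration`, I would keep the previous line `return MOAReversionLogger.getInstance().getDefaulttReversionsLoggingEventCodes();`. Also in this hunk, `getBusinessService()` defaults to `true` when the key is empty; a one-line comment saying why that is the safe default would help.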
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
new file mode 100644
index 000000000..9fc03e2df
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
@@ -0,0 +1,1079 @@
+package at.gv.egovernment.moa.id.config.auth;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.math.BigInteger;
+import java.net.MalformedURLException;
+import java.net.URI;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.config.AutowireCapableBeanFactory;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.support.ClassPathXmlApplicationContext;
+
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2;
+import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.ConfigurationProviderImpl;
+import at.gv.egovernment.moa.id.config.ConfigurationUtils;
+import at.gv.egovernment.moa.id.config.ConnectionParameter;
+import at.gv.egovernment.moa.id.config.ConnectionParameterForeign;
+import at.gv.egovernment.moa.id.config.ConnectionParameterMOASP;
+import at.gv.egovernment.moa.id.config.ConnectionParameterMandate;
+import at.gv.egovernment.moa.id.config.auth.data.ProtocolAllowed;
+import at.gv.egovernment.moa.id.config.stork.STORKConfig;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol;
+import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * A class providing access to the Auth Part of the MOA-ID configuration data.
+ */
+public class PropertyBasedAuthConfigurationProvider extends ConfigurationProviderImpl implements AuthConfiguration {
+
+
+ private static final boolean TRUST_MANAGER_REVOCATION_CHECKING_DEFAULT = true;
+
+ private MOAIDConfiguration configuration;
+ private final Properties properties = new Properties();
+ private ApplicationContext context = null;
+
+ public PropertyBasedAuthConfigurationProvider() {
+
+ }
+
+ /**
+ * The constructor with path to a properties file as argument.
+ *
+ * @param fileName the path to the properties file
+ * @throws ConfigurationException if an error occurs during loading the properties file.
+ */
+ public PropertyBasedAuthConfigurationProvider(URI fileName) throws ConfigurationException {
+ File propertiesFile = new File(fileName);
+ rootConfigFileDir = propertiesFile.getParent();
+ try {
+ rootConfigFileDir = new File(rootConfigFileDir).toURI().toURL().toString();
+
+ } catch (MalformedURLException t) {
+ throw new ConfigurationException("config.03", null, t);
+
+ }
+
+ FileInputStream in = null;
+ try {
+ in = new FileInputStream(propertiesFile);
+ properties.load(in);
+ super.initial(properties);
+
+// JPAPropertiesWithJavaConfig.setLocalProperties(configProp);
+// System.getProperties().setProperty("location", "file:" + fileName);
+ context = new ClassPathXmlApplicationContext(
+ new String[] { "moaid.configuration.beans.xml",
+ "configuration.beans.xml"
+ });
+ AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory();
+ acbFactory.autowireBean(this);
+
+ } catch (FileNotFoundException e) {
+ throw new ConfigurationException("config.03", null, e);
+
+ } catch (IOException e) {
+ throw new ConfigurationException("config.03", null, e);
+
+ } catch (org.opensaml.xml.ConfigurationException e) {
+ Logger.error("OpenSAML initilalization FAILED. ", e);
+ throw new ConfigurationException("config.23", null, e);
+
+ } catch (Exception e) {
+ Logger.error("General error during start-up process.", e);
+ throw new ConfigurationException("init.02", null, e);
+
+
+ } finally {
+ if (in != null)
+ try {
+ in.close();
+
+ } catch (IOException e) {
+ Logger.warn("Close MOA-ID-Auth configuration file FAILED.", e);
+
+ }
+ }
+ }
+
+ /**
+ * Set the {@link Configuration} for this class.
+ * @param configuration the configuration
+ */
+ @Autowired
+ public void setConfiguration(MOAIDConfiguration configuration) {
+ this.configuration = configuration;
+ }
+
+ /**
+ * Get the properties.
+ * @return the properties
+ */
+ private Properties getProperties() {
+ return properties;
+ }
+
+ /**
+ * Method that avoids iterating over a {@link Collection} of type {@code T} which is actual {@code null}.
+ * @param item the collection
+ * @return the given {@link Collection} {@code item} if it is not {@code null}, or an empty {@link List} otherwise.
+ */
+ @SuppressWarnings("unchecked")
+ public static <T extends Iterable<?>> T nullGuard(T item) {
+ if (item == null) {
+ return (T) Collections.emptyList();
+ } else {
+ return item;
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getPropertiesWithPrefix(java.lang.String)
+ */
+ @Override
+ public Map<String, String> getConfigurationWithPrefix(String Prefix) {
+ try {
+ return configuration.getPropertySubset(Prefix);
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("Loading property with Prefix " + Prefix + " FAILED.", e);
+ return new HashMap<String, String>();
+
+ }
+ }
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getPropertiesWithPrefix(java.lang.String)
+ */
+ @Override
+ public Map<String, String> getConfigurationWithWildCard(String key) {
+ try {
+ return configuration.searchPropertiesWithWildcard(key);
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("Loading property with searchKey " + key + " FAILED.", e);
+ return new HashMap<String, String>();
+
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getPropertyWithKey(java.lang.String)
+ */
+ @Override
+ public String getConfigurationWithKey(String key) {
+ try {
+ return configuration.getStringValue(key);
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ return null;
+ }
+ }
+
+ /**
+ * Returns the general pvp2 properties config. NOTE: may be empty but never {@code null}.
+ * @return the general pvp2 properties config.
+ */
+ public Properties getGeneralPVP2ProperiesConfig() {
+ return this.getGeneralProperiesConfig("protocols.pvp2.");
+ }
+
+ /**
+ * Returns the general oauth20 properties config. NOTE: may be empty but never {@code null}.
+ * @return the general oauth20 properties config.
+ */
+ public Properties getGeneralOAuth20ProperiesConfig() {
+ return this.getGeneralProperiesConfig("protocols.oauth20.");
+ }
+
+ /**
+ * Returns the allowed protocols. NOTE: may return {@code null}.
+ *
+ * @return the allowed protocols or {@code null}.
+ */
+ public ProtocolAllowed getAllowedProtocols() {
+ try {
+ ProtocolAllowed allowedProtcols = new ProtocolAllowed();
+
+ allowedProtcols.setOAUTHActive(
+ configuration.getBooleanValue(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_OPENID_ENABLED, true));
+ allowedProtcols.setSAML1Active(
+ configuration.getBooleanValue(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_ENABLED, false));
+ allowedProtcols.setPVP21Active(
+ configuration.getBooleanValue(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_ENABLED, true));
+
+ return allowedProtcols;
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.error("Can not load protocol enabled information from configuration.", e);
+ return null;
+ }
+
+
+ }
+
+
+ /**
+ * Returns the general PVP2 configuration. NOTE: may return {@code null}.
+ *
+ * @return the general PVP2 configuration or {@code null}.
+ *
+ * @deprecated
+ */
+ public PVP2 getGeneralPVP2DBConfig() {
+ return null;
+ }
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getTransactionTimeOut()
+ */
+ @Override
+ public int getTransactionTimeOut() {
+ try {
+ return configuration.getIntegerValue(
+ MOAIDConfigurationConstants.GENERAL_AUTH_TIMEOUTS_TRANSACTION, 300);
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("No transaction timeout defined. Use default values", e);
+ return 300;
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getSSOCreatedTimeOut()
+ */
+ @Override
+ public int getSSOCreatedTimeOut() {
+ try {
+ return configuration.getIntegerValue(
+ MOAIDConfigurationConstants.GENERAL_AUTH_TIMEOUS_SSO_CREATE, 2700);
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("No SSO created timeout defined. Use default values", e);
+ return 2700;
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getSSOUpdatedTimeOut()
+ */
+ @Override
+ public int getSSOUpdatedTimeOut() {
+ try {
+ return configuration.getIntegerValue(
+ MOAIDConfigurationConstants.GENERAL_AUTH_TIMEOUS_SSO_UPDATE, 1200);
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("No SSO updated timeout defined. Use default values", e);
+ return 1200;
+ }
+ }
+
+
+ /**
+ * Returns the configured timeouts, or a default timeout.
+ *
+ * @return the configured timeout, or the default (never {@code null}).
+ * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}.
+ *
+ * @deprecated
+ */
+ public TimeOuts getTimeOuts() throws ConfigurationException {
+
+ TimeOuts timeouts = new TimeOuts();
+
+ // set default timeouts
+ timeouts.setAssertion(new BigInteger("300"));
+ timeouts.setMOASessionCreated(new BigInteger("2700"));
+ timeouts.setMOASessionUpdated(new BigInteger("1200"));
+
+// AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral();
+// // search timeouts in config
+// GeneralConfiguration generalConfiguration = authComponentGeneral.getGeneralConfiguration();
+// if (generalConfiguration != null) {
+// if (generalConfiguration.getTimeOuts() != null) {
+// if (generalConfiguration.getTimeOuts().getAssertion() != null) {
+// timeouts.setAssertion(generalConfiguration.getTimeOuts().getAssertion());
+// }
+//
+// if (generalConfiguration.getTimeOuts().getMOASessionCreated() != null) {
+// timeouts.setMOASessionCreated(generalConfiguration.getTimeOuts().getMOASessionCreated());
+// }
+//
+// if (generalConfiguration.getTimeOuts().getMOASessionUpdated() != null) {
+// timeouts.setMOASessionUpdated(generalConfiguration.getTimeOuts().getMOASessionUpdated());
+// }
+//
+// } else {
+// Logger.info("No TimeOuts defined. Use default values");
+// }
+// }
+ return timeouts;
+ }
+
+ /**
+ * Returns an alternative source ID. NOTE: may return {@code null}.
+ *
+ * @return an alternative source ID or {@code null}.
+ * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}
+ */
+ public String getAlternativeSourceID() throws ConfigurationException {
+ try {
+ return configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_SOURCEID);
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("SAML1 SourceID can not be read from configuration.", e);
+ return null;
+ }
+ }
+
+ /**
+ * Returns a list of legacy allowed protocols. NOTE: may return an empty list but never {@code null}.
+ *
+ * @return the list of protocols.
+ */
+ public List<String> getLegacyAllowedProtocols() {
+
+ List<String> legacy = new ArrayList<String>();
+ try {
+ if (configuration.getBooleanValue(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_LEGACY, false))
+ legacy.add(SAML1Protocol.PATH);
+
+ if (configuration.getBooleanValue(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_LEGACY, false))
+ legacy.add(PVP2XProtocol.PATH);
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("Load legacy protocol configuration property FAILED.", e);
+
+ }
+ return legacy;
+ }
+
+ /**
+ * Provides configuration information regarding the online application behind the given URL, relevant to the MOA-ID Auth component.
+ *
+ * @param oaURL URL requested for an online application
+ * @return an <code>OAAuthParameter</code>, or <code>null</code> if none is applicable
+ */
+ public OAAuthParameter getOnlineApplicationParameter(String oaURL) {
+ Map<String, String> oa = getActiveOnlineApplication(oaURL);
+ if (oa == null) {
+ Logger.warn("Online application with identifier " + oaURL + " is not found.");
+ return null;
+ }
+
+ return new OAAuthParameter(oa);
+ }
+
+ /**
+ * Returns a string with a url-reference to the VerifyAuthBlock trust profile id within the moa-sp part of the authentication component.
+ *
+ * @return a string with a url-reference to the VerifyAuthBlock trust profile ID.
+ * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}.
+ */
+ public String getMoaSpAuthBlockTrustProfileID() throws ConfigurationException {
+ try {
+ return configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD);
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("AuthBlock validation trustprofile can not be read from configuration.", e);
+ return null;
+ }
+ }
+
+ /**
+ * Returns a list of strings with references to all verify transform info IDs within the moa-sp part of the authentication component.
+ *
+ * @return a list of strings containing all urls to the verify transform info IDs.
+ * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}.
+ */
+ public List<String> getMoaSpAuthBlockVerifyTransformsInfoIDs() throws ConfigurationException {
+ try {
+ return Arrays.asList(configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_AUTHBLOCK_TRANSFORM));
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("AuthBlock transformation can not be read from configuration.", e);
+ return null;
+ }
+ }
+
+ /**
+ * Returns a ConnectionParameter bean containing all information of the authentication component moa-sp element.
+ *
+ * @return ConnectionParameter of the authentication component moa-sp element.
+ * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}.
+ */
+ public ConnectionParameter getMoaSpConnectionParameter() throws ConfigurationException {
+ ConnectionParameter result = null;
+ String moaspURL;
+ try {
+ moaspURL = configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_URL);
+ if (moaspURL != null) {
+ result =
+ new ConnectionParameterMOASP(moaspURL, this.getProperties(), this.getRootConfigFileDir());
+
+ }
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("Loading MOA-SP Service URL from configuration FAILED.", e);
+
+ }
+
+ return result;
+ }
+
+ /**
+ * Returns the {@link ConnectionParameter} for the ForeignID. NOTE: may return {@code null}.
+ *
+ * @return the connection parameter.
+ * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}.
+ */
+ public ConnectionParameter getForeignIDConnectionParameter() throws ConfigurationException {
+ ConnectionParameter result = null;
+ String serviceURL;
+ try {
+ serviceURL = configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_SZRGW_URL);
+ if (serviceURL != null) {
+ result =
+ new ConnectionParameterForeign(serviceURL, this.getProperties(), this.getRootConfigFileDir());
+
+ }
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("Loading SZRGW Service URL from configuration FAILED.", e);
+
+ }
+
+ return result;
+ }
+
+ /**
+ * Returns the {@link ConnectionParameter} for the OnlineMandates. NOTE: may return {@code null}.
+ *
+ * @return the connection parameter.
+ * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}
+ */
+ public ConnectionParameter getOnlineMandatesConnectionParameter() throws ConfigurationException {
+ ConnectionParameter result = null;
+ String serviceURL;
+ try {
+ serviceURL = configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_OVS_URL);
+ if (serviceURL != null) {
+ result =
+ new ConnectionParameterMandate(serviceURL, this.getProperties(), this.getRootConfigFileDir());
+
+ }
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("Loading SZRGW Service URL from configuration FAILED.", e);
+
+ }
+
+ return result;
+ }
+
+ /**
+ * Returns a string with a url-reference to the VerifyIdentityLink trust profile id within the moa-sp part of the authentication component
+ *
+ * @return String with a url-reference to the VerifyIdentityLink trust profile ID
+ * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link VerifyIdentityLink}.
+ */
+ public String getMoaSpIdentityLinkTrustProfileID() throws ConfigurationException {
+ try {
+ return configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD);
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("IdentityLink validation trustprofile can not be read from configuration.", e);
+ return null;
+ }
+ }
+
+ /**
+ * Returns a non-empty list of transform infos. NOTE: list is never {@code empty} or {@code null}.
+ *
+ * @return a list of transform infos.
+ * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link SecurityLayer}.
+ */
+ public List<String> getTransformsInfos() throws ConfigurationException {
+ try {
+ String securityLayer = configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64);
+ if (securityLayer != null) {
+ List<String> result = ConfigurationUtils.getTransformInfos(securityLayer);
+
+ if (result == null || result.isEmpty()) {
+ Logger.error("No Security-Layer Transformation found.");
+ throw new ConfigurationException("config.05", new Object[] { "Security-Layer Transformation" });
+ }
+ return result;
+
+ } else {
+ Logger.warn("Error in MOA-ID Configuration. No generalAuthConfiguration->SecurityLayer found");
+ throw new ConfigurationException("config.02", null);
+ }
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.error("No Security-Layer Transformation found.");
+ throw new ConfigurationException("config.05", new Object[] { "Security-Layer Transformation" });
+
+ }
+ }
+
+ /**
+ * Returns a list of IdentityLinkX509SubjectNames. NOTE: may return an empty list but never {@code null}.
+ *
+ * @return the list of IdentityLinkX509SubjectNames.
+ *
+ * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}
+ */
+ public List<String> getIdentityLinkX509SubjectNames() throws ConfigurationException {
+
+ ArrayList<String> identityLinkX509SubjectNames = new ArrayList<String>();
+
+ String[] identityLinkSignersWithoutOID = MOAIDAuthConstants.IDENTITY_LINK_SIGNERS_WITHOUT_OID;
+ for (int i = 0; i < identityLinkSignersWithoutOID.length; i++) {
+ String identityLinkSigner = identityLinkSignersWithoutOID[i];
+ if (!identityLinkX509SubjectNames.contains(identityLinkSigner)) {
+ identityLinkX509SubjectNames.add(identityLinkSigner);
+ }
+ }
+
+ return identityLinkX509SubjectNames;
+ }
+
+ /**
+ * Returns a list of default SLRequestTemplates. NOTE: may return an empty list but never {@code null}.
+ *
+ * @return list of default SLRequestTemplates.
+ * @throws ConfigurationException is never thrown
+ */
+ public List<String> getSLRequestTemplates() throws ConfigurationException {
+ List<String> templatesList = new ArrayList<String>();
+
+ try {
+ templatesList.add(configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_LOCAL));
+ templatesList.add(configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_ONLINE));
+ templatesList.add(configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_HANDY));
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("SecurtiyLayer request templates are not loadable from configuration.", e);
+
+ }
+ return templatesList;
+ }
+
+ /**
+ * Returns the type's default SLRequestTemplate. NOTE: may return {@code null}.
+ *
+ * @param type the type of BKU.
+ * @return the default SLRequestTemplate for the given type.
+ *
+ * @throws ConfigurationException is never thrown
+ */
+ public String getSLRequestTemplates(String type) throws ConfigurationException {
+ String slRequestTemplate = null;
+
+ try {
+ switch (type) {
+ case IOAAuthParameters.ONLINEBKU:
+ slRequestTemplate = configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_ONLINE);
+ break;
+ case IOAAuthParameters.LOCALBKU:
+ slRequestTemplate = configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_LOCAL);
+ break;
+ case IOAAuthParameters.HANDYBKU:
+ slRequestTemplate = configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_TEMPLATES_HANDY);
+ break;
+ default:
+ Logger.warn("getSLRequestTemplates: BKU Type does not match: " + IOAAuthParameters.ONLINEBKU + " or " + IOAAuthParameters.HANDYBKU + " or "
+ + IOAAuthParameters.LOCALBKU);
+ }
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("SecurtiyLayer request templates are not loadable from configuration.", e);
+
+ }
+ return slRequestTemplate;
+ }
+
+ /**
+ * Returns a list of default BKUURLs. NOTE: may return an empty list but never {@code null}.
+ *
+ * @return list of default BKUURLs.
+ * @throws ConfigurationException is never thrown
+ */
+ public List<String> getDefaultBKUURLs() throws ConfigurationException {
+ List<String> bkuurlsList = new ArrayList<String>();
+ try {
+ bkuurlsList.add(configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_ONLINE));
+ bkuurlsList.add(configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_LOCAL));
+ bkuurlsList.add(configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_HANDY));
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("BKU URLs are not loadable from configuration.", e);
+
+ }
+ return bkuurlsList;
+ }
+
+ /**
+ * Returns the type's default BKUURL. NOTE: may return {@code null}.
+ *
+ * @param type the type of BKU.
+ * @return the default BKUURL for the given type.
+ *
+ * @throws ConfigurationException is never thrown
+ */
+ public String getDefaultBKUURL(String type) throws ConfigurationException {
+ String defaultBKUUrl = null;
+ try {
+ switch (type) {
+ case IOAAuthParameters.ONLINEBKU:
+ defaultBKUUrl = configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_ONLINE);
+ break;
+ case IOAAuthParameters.LOCALBKU:
+ defaultBKUUrl = configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_LOCAL);
+ break;
+ case IOAAuthParameters.HANDYBKU:
+ defaultBKUUrl = configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_DEFAULTS_BKU_HANDY);
+ break;
+ default:
+ Logger.warn("getDefaultBKUURL: BKU Type does not match: " + IOAAuthParameters.ONLINEBKU + " or " + IOAAuthParameters.HANDYBKU + " or "
+ + IOAAuthParameters.LOCALBKU);
+ }
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("BKU URLs are not loadable from configuration.", e);
+
+ }
+ return defaultBKUUrl;
+ }
+
+ /**
+ * Returns the SSOTagetIdentifier. NOTE: returns {@code null} if no SSOTargetIdentifier is set.
+ *
+ * @return the SSOTagetIdentifier or {@code null}
+ * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}
+ */
+ public String getSSOTagetIdentifier() throws ConfigurationException {
+ try {
+ return configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET);
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("Single Sign-On Target can not be read from configuration.", e);
+ return null;
+ }
+ }
+
+ /**
+ * Returns the SSOFriendlyName. NOTE: never returns {@code null}, if no SSOFriendlyName is set, a default String is returned.
+ *
+ * @return the SSOFriendlyName or a default String
+ */
+ public String getSSOFriendlyName() {
+ try {
+ return configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, "Default MOA-ID friendly name for SSO");
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("Single Sign-On FriendlyName can not be read from configuration.", e);
+ return "Default MOA-ID friendly name for SSO";
+ }
+ }
+
+ /**
+ * Returns the SSOSpecialText. NOTE: never returns {@code null}, if no SSOSpecialText is set, an empty String is returned.
+ *
+ * @return the SSOSpecialText or an empty String
+ */
+ public String getSSOSpecialText() {
+ try {
+ String text = configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_AUTH_SSO_AUTHBLOCK_TEXT);
+ return MiscUtil.isEmpty(text) ? new String() : text;
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("Single Sign-On AuthBlockText can not be read from configuration.", e);
+ return new String();
+ }
+ }
+
+ /**
+ * Returns the MOASessionEncryptionKey NOTE: returns {@code null} if no MOASessionEncryptionKey is set.
+ *
+ * @return the MOASessionEncryptionKey or {@code null}
+ */
+ public String getMOASessionEncryptionKey() {
+ String prop = properties.getProperty("configuration.moasession.key");
+ return MiscUtil.isNotEmpty(prop) ? prop : null;
+ }
+
+ /**
+ * Returns the MOAConfigurationEncryptionKey NOTE: returns {@code null} if no MOAConfigurationEncryptionKey is set.
+ *
+ * @return the MOAConfigurationEncryptionKey or {@code null}
+ */
+ public String getMOAConfigurationEncryptionKey() {
+ String prop = properties.getProperty("configuration.moaconfig.key");
+ return MiscUtil.isNotEmpty(prop) ? prop : null;
+ }
+
+ /**
+ * @return {@code true} if IdentityLinkResigning is set, {@code false} otherwise.
+ */
+ public boolean isIdentityLinkResigning() {
+ String prop = properties.getProperty("configuration.resignidentitylink.active", "false");
+ return Boolean.valueOf(prop);
+ }
+
+ /**
+ * Returns the IdentityLinkResigningKey. NOTE: returns {@code null} if no IdentityLinkResigningKey is set.
+ *
+ * @return the IdentityLinkResigningKey or {@code null}
+ */
+ public String getIdentityLinkResigningKey() {
+ String prop = properties.getProperty("configuration.resignidentitylink.keygroup");
+ return MiscUtil.isNotEmpty(prop) ? prop : null;
+ }
+
+ /**
+ * @return {@code true} if MonitoringActive is set, {@code false} otherwise.
+ */
+ public boolean isMonitoringActive() {
+ String prop = properties.getProperty("configuration.monitoring.active", "false");
+ return Boolean.valueOf(prop);
+ }
+
+ /**
+ * Returns the MonitoringTestIdentityLinkURL. NOTE: returns {@code null} if no MonitoringTestIdentityLinkURL is set.
+ *
+ * @return the MonitoringTestIdentityLinkURL or {@code null}
+ */
+ public String getMonitoringTestIdentityLinkURL() {
+ String prop = properties.getProperty("configuration.monitoring.test.identitylink.url");
+ return MiscUtil.isNotEmpty(prop) ? prop : null;
+ }
+
+ /**
+ * Returns the MonitoringMessageSuccess. NOTE: returns {@code null} if no MonitoringMessageSuccess is set.
+ *
+ * @return the MonitoringMessageSuccess or {@code null}
+ */
+ public String getMonitoringMessageSuccess() {
+ String prop = properties.getProperty("configuration.monitoring.message.success");
+ return MiscUtil.isNotEmpty(prop) ? prop : null;
+ }
+
+ /**
+ * @return {@code true} if AdvancedLoggingActive is set, {@code false} otherwise.
+ */
+ public boolean isAdvancedLoggingActive() {
+ String prop = properties.getProperty("configuration.advancedlogging.active", "false");
+ return Boolean.valueOf(prop);
+ }
+
+ /**
+ * Returns the PublicURLPrefix. NOTE: returns {@code null} if no PublicURLPrefix is set.
+ *
+ * @return the PublicURLPrefix or {@code null}
+ */
+ public String getPublicURLPrefix() {
+ try {
+ return configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_PUBLICURLPREFIX);
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("MOA-ID PublicURLPrefix can not be read from configuration.", e);
+ return null;
+ }
+ }
+
+ /**
+ * @return {@code true} if PVP2AssertionEncryptionActive is set, {@code false} otherwise.
+ */
+ public boolean isPVP2AssertionEncryptionActive() {
+ String prop = this.getProperties().getProperty("protocols.pvp2.assertion.encryption.active", "true");
+ return Boolean.valueOf(prop);
+ }
+
+ /**
+ * @return {@code true} if CertifiacteQCActive is set, {@code false} otherwise.
+ */
+ public boolean isCertifiacteQCActive() {
+ String prop = this.getProperties().getProperty("configuration.validation.certificate.QC.ignore", "false");
+ return !Boolean.valueOf(prop);
+ }
+
+ /**
+ * Returns a STORK Configuration, NOTE: may return {@code null}.
+ *
+ * @return a new STORK Configuration or {@code null}
+ * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}
+ */
+ public STORKConfig getStorkConfig() throws ConfigurationException {
+ STORKConfig result = null;
+ try {
+ Map<String, String> storkProps = configuration.getPropertySubset(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK + ".");
+ if (storkProps == null) {
+ Logger.warn("Error in MOA-ID Configuration. No STORK configuration found.");
+
+ } else {
+ result = new STORKConfig(this.getProperties(), this.getRootConfigFileDir());
+
+ }
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("MOA-ID PublicURLPrefix can not be read from configuration.", e);
+
+ }
+
+ return result;
+ }
+
+// /**
+// * Small helper method.
+// *
+// * @return the {@link AuthComponentGeneral} from the database
+// * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}
+// */
+// private AuthComponentGeneral getAuthComponentGeneral() throws ConfigurationException {
+//
+// AuthComponentGeneral authComponentGeneral = configuration.get(MOAIDConfigurationConstants.AUTH_COMPONENT_GENERAL_KEY, AuthComponentGeneral.class);
+// if (authComponentGeneral == null) {
+// Logger.warn("Error in MOA-ID Configuration. No generalAuthConfiguration found");
+// throw new ConfigurationException("config.02", null);
+// }
+// return authComponentGeneral;
+// }
+
+// /**
+// * Returns the {@link VerifyAuthBlock}.
+// *
+// * @return the {@link VerifyAuthBlock}.
+// * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}.
+// */
+// private VerifyAuthBlock getVerifyAuthBlock() throws ConfigurationException {
+//
+// AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral();
+// MOASP moasp = authComponentGeneral.getMOASP();
+// if (moasp != null) {
+// VerifyAuthBlock vab = moasp.getVerifyAuthBlock();
+// if (vab != null) {
+// VerifyAuthBlock verifyIdl = new VerifyAuthBlock();
+// verifyIdl.setTrustProfileID(vab.getTrustProfileID());
+// verifyIdl.setVerifyTransformsInfoProfileID(new ArrayList<String>(vab.getVerifyTransformsInfoProfileID()));
+// return verifyIdl;
+// } else {
+// Logger.warn("Error in MOA-ID Configuration. No Trustprofile for AuthBlock validation.");
+// throw new ConfigurationException("config.02", null);
+// }
+// } else {
+// Logger.warn("Error in MOA-ID Configuration. No MOASP configuration found");
+// throw new ConfigurationException("config.02", null);
+// }
+// }
+
+ /**
+ * Small helper method. NOTE: may return empty properties, but never {@code null}.
+ * @param propPrefix the prefix of the desired property.
+ * @return the {@link Properties}
+ */
+ private Properties getGeneralProperiesConfig(final String propPrefix) {
+
+ Properties configProp = new Properties();
+ for (Object key : this.getProperties().keySet()) {
+ if (key.toString().startsWith(propPrefix)) {
+ String propertyName = key.toString().substring(propPrefix.length());
+ configProp.put(propertyName, this.getProperties().get(key.toString()));
+ }
+ }
+ return configProp;
+ }
+
+ /**
+ * Returns whether the trust-manager revocation checking is enabled or not.
+ *
+ * @return {@code true} if enable, {@code false} if disabled
+ */
+ @Override
+ public boolean isTrustmanagerrevoationchecking() {
+
+ try {
+ return configuration.getBooleanValue(
+ MOAIDConfigurationConstants.GENERAL_AUTH_REVOCATIONCHECKING,
+ TRUST_MANAGER_REVOCATION_CHECKING_DEFAULT);
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ return TRUST_MANAGER_REVOCATION_CHECKING_DEFAULT;
+ }
+ }
+
+ /**
+ * Returns the path to the certificate-store directory or {@code null} if there is no certificate-store directory defined.
+ *
+ * @return the path to the certstore directory or {@code null}
+ */
+ @Override
+ public String getCertstoreDirectory() {
+ try {
+ String path = rootConfigFileDir + configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_AUTH_CERTSTORE_URL);
+ if (MiscUtil.isNotEmpty(path))
+ return path;
+
+ else {
+ Logger.warn("Error in MOA-ID Configuration. No CertStoreDirectory defined.");
+ return null;
+
+ }
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("Error in MOA-ID Configuration. No CertStoreDirectory defined.", e);
+ return null;
+ }
+ }
+
+ @Override
+ public String getTrustedCACertificates() {
+ try {
+ String path = rootConfigFileDir + configuration.getStringValue(
+ MOAIDConfigurationConstants.GENERAL_AUTH_TRUSTSTORE_URL);
+ if (MiscUtil.isNotEmpty(path))
+ return path;
+
+ else {
+ Logger.warn("Error in MOA-ID Configuration. No TrustStoreDirectory defined.");
+ return null;
+
+ }
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.warn("Error in MOA-ID Configuration. No TrustStoreDirectory defined.", e);
+ return null;
+ }
+ }
+
+ /**
+ * Returns the active {@link OnlineApplication} with the given ID or {@code null} if either no matching online application is found or if the {@code id}
+ * matches more than one entry.
+ *
+ * @param id the id of the requested online application
+ * @return the requested online application or {@code null}
+ */
+ public Map<String, String> getActiveOnlineApplication(String id) {
+ Logger.trace("Get active OnlineApplication with ID " + id + " from database.");
+ try {
+ Map<String, String> oaConfig = configuration.getOnlineApplication(id);
+ if (oaConfig != null) {
+ String isActiveString = oaConfig.get(MOAIDConfigurationConstants.SERVICE_ISACTIVE);
+ if (isActiveString != null && Boolean.valueOf(isActiveString))
+ return oaConfig;
+
+ }
+
+
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ Logger.error("Error during OnlineApplication load operationen (oaId=."
+ + id + ")" , e);
+
+ }
+ return null;
+
+ }
+
+ //Load document service url from moa properties
+ public String getDocumentServiceUrl() {
+ String prop = properties.getProperty("stork.documentservice.url", "false");
+ return prop;
+ }
+
+
+ public boolean isPVPSchemaValidationActive() {
+ String prop = properties.getProperty("protocols.pvp2.schemavalidation", "true");
+ return Boolean.valueOf(prop);
+ }
+
+ /**
+ * Checks if is fakeIdL is activated.
+ *
+ * @return true, if fake IdLs are available for stork
+ */
+ public boolean isStorkFakeIdLActive() {
+ String prop = properties.getProperty("stork.fakeIdL.active", "false");
+ return Boolean.valueOf(prop);
+ }
+
+ /**
+ * Gets the countries which will receive a fake IdL
+ *
+ * @return the countries
+ */
+ public List<String> getStorkFakeIdLCountries() {
+ String prop = properties.getProperty("stork.fakeIdL.countries", "");
+ return Arrays.asList(prop.replaceAll(" ", "").split(","));
+ }
+
+ /**
+ * Gets the resigning key (group) for the stork fake IdL.
+ *
+ * @return the resigning key
+ */
+ public String getStorkFakeIdLResigningKey() {
+ String prop = properties.getProperty("stork.fakeIdL.keygroup");
+ if (MiscUtil.isNotEmpty(prop))
+ return prop;
+ else
+ return null;
+ }
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getStorkNoSignatureCountries()
+ */
+ @Override
+ public List<String> getStorkNoSignatureCountries() {
+ String prop = properties.getProperty("stork.fakeIdL.noSignatureCountries", "");
+ return Arrays.asList(prop.replaceAll(" ", "").split(","));
+ }
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
index 928515758..44f4da027 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
@@ -23,27 +23,31 @@
package at.gv.egovernment.moa.id.config.auth.data;
import java.security.PrivateKey;
+import java.util.Collection;
import java.util.List;
import java.util.Map;
-import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin;
-import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute;
-import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
-import at.gv.egovernment.moa.id.config.OAParameter;
import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters;
+import at.gv.egovernment.moa.id.config.stork.StorkAttribute;
+import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin;
/**
* @author tlenz
*
*/
-public class DynamicOAAuthParameters extends OAParameter implements IOAAuthParameters {
+public class DynamicOAAuthParameters implements IOAAuthParameters {
+
+ private String publicURLPrefix;
private String businessTarget;
+ private boolean businessService;
+
+ private boolean isInderfederationIDP;
+
private String IDPQueryURL;
+
+ private String target;
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTarget()
@@ -79,28 +83,10 @@ public class DynamicOAAuthParameters extends OAParameter implements IOAAuthParam
}
/* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTransformsInfos()
- */
- @Override
- public List<String> getTransformsInfos() {
- // TODO Auto-generated method stub
- return null;
- }
-
- /* (non-Javadoc)
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getSAML1Parameter()
*/
@Override
- public OASAML1 getSAML1Parameter() {
- // TODO Auto-generated method stub
- return null;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getPVP2Parameter()
- */
- @Override
- public OAPVP2 getPVP2Parameter() {
+ public SAML1ConfigurationParameters getSAML1Parameter() {
// TODO Auto-generated method stub
return null;
}
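Review bot: getSAML1Parameter() keeps the auto-generated `return null;` under its new return type, so a caller that dereferences the result fails with a NullPointerException instead of seeing SAML1 as switched off. This commit adds a no-argument SAML1ConfigurationParameters constructor whose `isActive` field defaults to false, so `return new SAML1ConfigurationParameters();` would be a safer stub, provided no caller relies on a null check. The same null-returning stubs appear in the later hunks for getTemplateURL(), getStorkAPs(), getPepsList(), getFullConfiguration() and getRequestedSTORKAttributes(). For those collection and map types, `return Collections.emptyList();` or `return Collections.emptyMap();` (with a `java.util.Collections` import) avoids the same failure. If null is the intended answer for a dynamically built OA, replace `// TODO Auto-generated method stub` with a one-line comment that says so.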
@@ -109,7 +95,7 @@ public class DynamicOAAuthParameters extends OAParameter implements IOAAuthParam
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTemplateURL()
*/
@Override
- public List<TemplateType> getTemplateURL() {
+ public List<String> getTemplateURL() {
// TODO Auto-generated method stub
return null;
}
@@ -160,15 +146,6 @@ public class DynamicOAAuthParameters extends OAParameter implements IOAAuthParam
}
/* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getSingleLogOutURL()
- */
- @Override
- public String getSingleLogOutURL() {
- // TODO Auto-generated method stub
- return null;
- }
-
- /* (non-Javadoc)
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getMandateProfiles()
*/
@Override
@@ -232,15 +209,6 @@ public class DynamicOAAuthParameters extends OAParameter implements IOAAuthParam
}
/* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getRequestedAttributes()
- */
- @Override
- public List<OAStorkAttribute> getRequestedAttributes() {
- // TODO Auto-generated method stub
- return null;
- }
-
- /* (non-Javadoc)
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isRequireConsentForStorkAttributes()
*/
@Override
@@ -253,7 +221,7 @@ public class DynamicOAAuthParameters extends OAParameter implements IOAAuthParam
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getStorkAPs()
*/
@Override
- public List<AttributeProviderPlugin> getStorkAPs() {
+ public Collection<StorkAttributeProviderPlugin> getStorkAPs() {
// TODO Auto-generated method stub
return null;
}
@@ -280,7 +248,7 @@ public class DynamicOAAuthParameters extends OAParameter implements IOAAuthParam
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getPepsList()
*/
@Override
- public List<CPEPS> getPepsList() {
+ public Collection<at.gv.egovernment.moa.id.config.stork.CPEPS> getPepsList() {
// TODO Auto-generated method stub
return null;
}
@@ -400,6 +368,93 @@ public class DynamicOAAuthParameters extends OAParameter implements IOAAuthParam
}
/* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getFullConfiguration()
+ */
+ @Override
+ public Map<String, String> getFullConfiguration() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getConfigurationValue(java.lang.String)
+ */
+ @Override
+ public String getConfigurationValue(String key) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getFriendlyName()
+ */
+ @Override
+ public String getFriendlyName() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getPublicURLPrefix()
+ */
+ @Override
+ public String getPublicURLPrefix() {
+ return this.publicURLPrefix;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getOaType()
+ */
+ @Override
+ public String getOaType() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getBusinessService()
+ */
+ @Override
+ public boolean getBusinessService() {
+ return this.businessService;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTargetFriendlyName()
+ */
+ @Override
+ public String getTargetFriendlyName() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isInderfederationIDP()
+ */
+ @Override
+ public boolean isInderfederationIDP() {
+ return this.isInderfederationIDP;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isSTORKPVPGateway()
+ */
+ @Override
+ public boolean isSTORKPVPGateway() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getRequestedSTORKAttributes()
+ */
+ @Override
+ public Collection<StorkAttribute> getRequestedSTORKAttributes() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ /* (non-Javadoc)
* @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getReversionsLoggingEventCodes()
*/
@Override
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/SAML1ConfigurationParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/SAML1ConfigurationParameters.java
new file mode 100644
index 000000000..8ff64f188
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/SAML1ConfigurationParameters.java
@@ -0,0 +1,276 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.auth.data;
+
+/**
+ * @author tlenz
+ *
+ */
+public class SAML1ConfigurationParameters {
+
+ private boolean isActive = false;
+ private boolean provideBaseId = false;
+ private boolean provideAuthBlock = false;
+ private boolean provideIdl = false;
+ private boolean provideCertificate = false;
+ private boolean provideMandate = false;
+ private boolean provideAllErrors = true;
+ private boolean useCondition = false;
+ private String sourceID = null;
+ private String condition = new String();
+
+
+ /**
+ *
+ */
+ public SAML1ConfigurationParameters(boolean isActive,
+ boolean provideBaseId, boolean provideAuthBlock,
+ boolean provideIdl, boolean provideCertificate,
+ boolean provideMandate, boolean provideAllErrors,
+ boolean useCondition, String condition,
+ String sourceID) {
+ this.condition = condition;
+ this.isActive = isActive;
+ this.provideAllErrors = provideAllErrors;
+ this.provideAuthBlock = provideAuthBlock;
+ this.provideBaseId = provideBaseId;
+ this.provideCertificate = provideCertificate;
+ this.provideIdl = provideIdl;
+ this.provideMandate = provideMandate;
+ this.useCondition = useCondition;
+ this.sourceID = sourceID;
+
+ }
+
+
+ /**
+ *
+ */
+ public SAML1ConfigurationParameters() {
+
+ }
+
+
+ /**
+ * Gets the value of the isActive property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public Boolean isIsActive() {
+ return this.isActive;
+ }
+
+ /**
+ * @param isActive the isActive to set
+ */
+ public void setActive(boolean isActive) {
+ this.isActive = isActive;
+ }
+
+
+ /**
+ * @param provideBaseId the provideBaseId to set
+ */
+ public void setProvideBaseId(boolean provideBaseId) {
+ this.provideBaseId = provideBaseId;
+ }
+
+
+ /**
+ * @param provideAuthBlock the provideAuthBlock to set
+ */
+ public void setProvideAuthBlock(boolean provideAuthBlock) {
+ this.provideAuthBlock = provideAuthBlock;
+ }
+
+
+ /**
+ * @param provideIdl the provideIdl to set
+ */
+ public void setProvideIdl(boolean provideIdl) {
+ this.provideIdl = provideIdl;
+ }
+
+
+ /**
+ * @param provideCertificate the provideCertificate to set
+ */
+ public void setProvideCertificate(boolean provideCertificate) {
+ this.provideCertificate = provideCertificate;
+ }
+
+
+ /**
+ * @param provideMandate the provideMandate to set
+ */
+ public void setProvideMandate(boolean provideMandate) {
+ this.provideMandate = provideMandate;
+ }
+
+
+ /**
+ * @param provideAllErrors the provideAllErrors to set
+ */
+ public void setProvideAllErrors(boolean provideAllErrors) {
+ this.provideAllErrors = provideAllErrors;
+ }
+
+
+ /**
+ * @param useCondition the useCondition to set
+ */
+ public void setUseCondition(boolean useCondition) {
+ this.useCondition = useCondition;
+ }
+
+
+ /**
+ * @param sourceID the sourceID to set
+ */
+ public void setSourceID(String sourceID) {
+ this.sourceID = sourceID;
+ }
+
+
+ /**
+ * @param condition the condition to set
+ */
+ public void setCondition(String condition) {
+ this.condition = condition;
+ }
+
+
+ /**
+ * Gets the value of the provideStammzahl property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public Boolean isProvideStammzahl() {
+ return this.provideBaseId;
+ }
+
+ /**
+ * Gets the value of the provideAUTHBlock property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public Boolean isProvideAUTHBlock() {
+ return this.provideAuthBlock;
+ }
+
+ /**
+ * Gets the value of the provideIdentityLink property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public Boolean isProvideIdentityLink() {
+ return this.provideIdl;
+ }
+
+ /**
+ * Gets the value of the provideCertificate property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public Boolean isProvideCertificate() {
+ return this.provideCertificate;
+ }
+
+ /**
+ * Gets the value of the provideFullMandatorData property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public Boolean isProvideFullMandatorData() {
+ return this.provideMandate;
+ }
+
+ /**
+ * Gets the value of the useCondition property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public Boolean isUseCondition() {
+ return this.useCondition;
+ }
+
+ /**
+ * Gets the value of the conditionLength property.
+ *
+ * @return
+ * possible object is
+ * {@link BigInteger }
+ *
+ */
+
+ public int getConditionLength() {
+ return condition.length();
+ }
+
+ /**
+ * Gets the value of the sourceID property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public String getSourceID() {
+ return this.sourceID;
+ }
+
+ /**
+ * Gets the value of the provideAllErrors property.
+ *
+ * @return
+ * possible object is
+ * {@link String }
+ *
+ */
+ public Boolean isProvideAllErrors() {
+ return this.provideAllErrors;
+ }
+
+}
+
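Review bot: getConditionLength() calls `condition.length()` without a null check, but both the ten-argument constructor and setCondition() store the caller's value unchanged, so a null condition makes this getter throw a NullPointerException. Either normalise on write with `this.condition = (condition != null) ? condition : "";` or guard the read with `return (condition == null) ? 0 : condition.length();`. The getter Javadoc looks copied from generated code and does not match the signatures: the `Boolean` getters state `possible object is {@link String}` and getConditionLength() names `{@link BigInteger}` although it returns `int`. Both constructors carry an empty Javadoc block; the ten-argument one in particular should name its parameters, since eight adjacent booleans are easy to pass in the wrong order.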
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
index 3d4b53f7c..54156330f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
@@ -80,7 +80,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock;
import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.data.IssuerAndSerial;
import at.gv.egovernment.moa.logging.Logger;
@@ -97,6 +96,15 @@ public class BuildFromLegacyConfig {
private static final String SEARCHBKUTEMPLATE_HANDY = "https://www.handy-signatur.at";
private static final String SEARCHBKUTEMPLATE_ONLINE = "bkuonline/http-security-layer-request";
+ public static final String AUTH_SESSION_TIMEOUT_PROPERTY =
+ "AuthenticationSession.TimeOut";
+ /**
+ * The name of the generic configuration property giving the authentication data time out.
+ */
+ public static final String AUTH_DATA_TIMEOUT_PROPERTY =
+ "AuthenticationData.TimeOut";
+
+
public static MOAIDConfiguration build(File fileName, String rootConfigFileDir, MOAIDConfiguration oldconfig) throws ConfigurationException {
InputStream stream = null;
Element configElem;
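Review bot: `AUTH_SESSION_TIMEOUT_PROPERTY` is added without Javadoc, while `AUTH_DATA_TIMEOUT_PROPERTY` next to it has one. I would add `/** The name of the generic configuration property giving the authentication session time out. */` above it. Neither comment states the unit. The defaults used later in this file (`2*60` and `30*60`, commented as 2min and 30min) suggest seconds, and both Javadocs should say so. As far as this diff shows, the two constants are read only inside this class, so `private` would be enough unless callers outside the diff rely on them.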
@@ -163,13 +171,13 @@ public class BuildFromLegacyConfig {
//Load Assertion and Session timeouts
TimeOuts timeOuts = new TimeOuts();
- if (genericConfiguration.containsKey(AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY))
- timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY))));
+ if (genericConfiguration.containsKey(AUTH_DATA_TIMEOUT_PROPERTY))
+ timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AUTH_DATA_TIMEOUT_PROPERTY))));
else
timeOuts.setAssertion(BigInteger.valueOf(2*60)); //default 2min
- if (genericConfiguration.containsKey(AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY))
- timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY))));
+ if (genericConfiguration.containsKey(AUTH_SESSION_TIMEOUT_PROPERTY))
+ timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AUTH_SESSION_TIMEOUT_PROPERTY))));
else
timeOuts.setAssertion(BigInteger.valueOf(30*60)); //default 30min
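Review bot: The `AUTH_SESSION_TIMEOUT_PROPERTY` branch and its `else` still call `timeOuts.setAssertion(...)`, so the assertion timeout set just above is always overwritten and this block never sets a session timeout. With a legacy configuration the assertion lifetime then becomes the session value or the 30-minute default instead of the intended 2 minutes, which presumably lengthens the window in which an issued assertion is still accepted. Both calls should go to the session-timeout setter of `TimeOuts`, whose name is not visible in this hunk. Separately, `Long.valueOf((String) ...)` throws an unchecked `NumberFormatException` on a malformed property value; catching it and rethrowing as `ConfigurationException` would match what `build` declares. The enclosing `build` method starts and ends outside the hunk.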
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.java
deleted file mode 100644
index e077e096f..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/OAConfiguration.java
+++ /dev/null
@@ -1,219 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.config.proxy;
-
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * Holds configuration data concerning an online application for use by the MOA-ID Proxy component.
- * These include the login type (stateful or stateless), the HTTP authentication type,
- * and information needed to add authentication parameters or headers for a URL connection
- * to the remote online application.
- * @see <code>MOAIDConfiguration-1.1.xsd</code>, element <code>Configuration</code>
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class OAConfiguration {
-
- /** Constant for an login method */
- public static final String LOGINTYPE_STATEFUL = "stateful";
- /** Constant for an login method */
- public static final String LOGINTYPE_STATELESS = "stateless";
-
- /** Constant for an auth method */
- public static final String BASIC_AUTH = "basic";
- /** Constant for an auth method */
- public static final String HEADER_AUTH = "header";
- /** Constant for an auth method */
- public static final String PARAM_AUTH = "param";
-
-
- /** Constant for binding */
- public static final String BINDUNG_USERNAME = "userName";
- /** Constant for binding */
- public static final String BINDUNG_FULL = "full";
- /** Constant for binding */
- public static final String BINDUNG_NONE = "none";
- /** Constant for binding */
- public static final String BINDUNG_NOMATCH = "noMatch";
-
- /** login type: stateful or stateless */
- String loginType;
- /** authentication type: basic, header, or param */
- String authType;
- /**
- * mapping of parameter names to AuthenticationData field names
- * in case of authentication type <code>"header-auth"</code>
- */
- Map paramAuthMapping;
- /**
- * mapping of parameter names to AuthenticationData field names
- * in case of authentication type <code>"param-auth"</code>
- */
- Map headerAuthMapping;
- /** mapping for user ID to be used in case of authentication type <code>"basic-auth"</code> */
- String basicAuthUserIDMapping;
- /** mapping for password to be used in case of authentication type <code>"basic-auth"</code> */
- String basicAuthPasswordMapping;
- /** Binding for basic authentication */
- String binding;
-
- /**
- * Returns the basicAuthPasswordMapping.
- * @return String
- */
- public String getBasicAuthPasswordMapping() {
- return basicAuthPasswordMapping;
- }
-
- /**
- * Returns the basicAuthUserIDMapping.
- * @return String
- */
- public String getBasicAuthUserIDMapping() {
- return basicAuthUserIDMapping;
- }
-
- /**
- * Returns the headerAuthMapping.
- * @return HashMap
- */
- public Map getHeaderAuthMapping() {
- return headerAuthMapping;
- }
-
- /**
- * Returns the loginType.
- * @return String
- */
- public String getLoginType() {
- return loginType;
- }
-
- /**
- * Returns the paramAuthMapping.
- * @return HashMap
- */
- public Map getParamAuthMapping() {
- return paramAuthMapping;
- }
-
- /**
- * Returns the binding.
- * @return String
- */
- public String getBinding() {
- return binding;
- }
-
- /**
- * Sets the basicAuthPasswordMapping.
- * @param basicAuthPassword The basicAuthPasswordMapping to set
- */
- public void setBasicAuthPasswordMapping(String basicAuthPassword) {
- this.basicAuthPasswordMapping = basicAuthPassword;
- }
-
- /**
- * Sets the basicAuthUserIDMapping.
- * @param basicAuthUserID The basicAuthUserIDMapping to set
- */
- public void setBasicAuthUserIDMapping(String basicAuthUserID) {
- this.basicAuthUserIDMapping = basicAuthUserID;
- }
-
- /**
- * Sets the headerAuthMapping.
- * @param headerAuth The headerAuthMapping to set
- */
- public void setHeaderAuthMapping(HashMap headerAuth) {
- this.headerAuthMapping = headerAuth;
- }
-
- /**
- * Sets the loginType.
- * @param loginType The loginType to set
- */
- public void setLoginType(String loginType) {
- this.loginType = loginType;
- }
-
- /**
- * Sets the paramAuthMapping.
- * @param paramAuth The paramAuthMapping to set
- */
- public void setParamAuthMapping(HashMap paramAuth) {
- this.paramAuthMapping = paramAuth;
- }
-
- /**
- * Returns the authType.
- * @return String
- */
- public String getAuthType() {
- return authType;
- }
-
- /**
- * Sets the authType.
- * @param authLoginType The authType to set
- */
- public void setAuthType(String authLoginType) {
- this.authType = authLoginType;
- }
-
- /**
- * Sets the binding.
- * @param binding The binding to be set.
- */
- public void setBinding (String binding) {
- this.binding = binding;
- }
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/OAProxyParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/OAProxyParameter.java
deleted file mode 100644
index 00ca5ad57..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/OAProxyParameter.java
+++ /dev/null
@@ -1,248 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.config.proxy;
-
-import at.gv.egovernment.moa.id.config.legacy.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.legacy.OAParameter;
-
-/**
- * Configuration parameters belonging to an online application,
- * to use with the MOA ID Proxy component.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class OAProxyParameter extends OAParameter {
-
-// /**
-// * public URL prefix of the online application
-// */
-// private String publicURLPrefix;
- /**
- * URL of online application configuration file;
- * defaults to relative URL <code>/moaconfig.xml</code>
- */
- private String configFileURL;
- /**
- * implementation of {@link at.gv.egovernment.moa.id.proxy.LoginParameterResolver} interface
- * to be used for authenticating the online application;
- * defaults to {@link at.gv.egovernment.moa.id.proxy.DefaultLoginParameterResolver}
- */
- private String loginParameterResolverImpl;
-
- /**
- * Configuration Parameter of LoginParameterResolver
- */
- private String loginParameterResolverConfiguration;
-
- /**
- * implementation of {@link at.gv.egovernment.moa.id.proxy.ConnectionBuilder} interface
- * to be used for connecting to the online application;
- * defaults to {@link at.gv.egovernment.moa.id.proxy.DefaultConnectionBuilder}
- */
- private String connectionBuilderImpl;
- /**
- * session time out to be used in case of a stateless online application
- */
- private int sessionTimeOut;
- /**
- * parameters regarding the connection from the proxy to the online application
- */
- private ConnectionParameter connectionParameter;
- /**
- * parameters for logging into the online application
- */
- private OAConfiguration oaConfiguration;
-
- private String errorRedirctURL;
-
-
- /**
- * Returns the configFileURL.
- * @return String
- */
- public String getConfigFileURL() {
- return configFileURL;
- }
-
- /**
- * Returns the sessionTimeOut.
- * @return int
- */
- public int getSessionTimeOut() {
- return sessionTimeOut;
- }
-
- /**
- * Returns the connectionParameter.
- * @return ConnectionParameter
- */
- public ConnectionParameter getConnectionParameter() {
- return connectionParameter;
- }
-
- /**
- * Sets the configFileURL for the proxy.
- * @param oaProxyConfigFileURL The configFileURL to set
- */
- public void setConfigFileURL(String oaProxyConfigFileURL) {
- this.configFileURL = oaProxyConfigFileURL;
- }
-
- /**
- * Sets the sessionTimeOut for the proxy.
- * @param oaProxySessionTimeOut The sessionTimeOut to set
- */
- public void setSessionTimeOut(int oaProxySessionTimeOut) {
- this.sessionTimeOut = oaProxySessionTimeOut;
- }
-
- /**
- * Sets the connectionParameter for the proxy.
- * @param proxyConnectionParameter The connectionParameter to set
- */
- public void setConnectionParameter(ConnectionParameter proxyConnectionParameter) {
- this.connectionParameter = proxyConnectionParameter;
- }
-
-// /**
-// * Returns the publicURLPrefix.
-// * @return String
-// */
-// public String getPublicURLPrefix() {
-// return publicURLPrefix;
-// }
-//
-// /**
-// * Sets the publicURLPrefix.
-// * @param publicURLPrefix The publicURLPrefix to set
-// */
-// public void setPublicURLPrefix(String url) {
-// this.publicURLPrefix = url;
-// }
-
- /**
- * Returns the connectionBuilderImpl.
- * @return String
- */
- public String getConnectionBuilderImpl() {
- return connectionBuilderImpl;
- }
-
- /**
- * Returns the loginParameterResolverImpl.
- * @return String
- */
- public String getLoginParameterResolverImpl() {
- return loginParameterResolverImpl;
- }
-
- /**
- * Returns the loginParameterResolverConfiguration.
- * @return String
- */
- public String getLoginParameterResolverConfiguration() {
- return loginParameterResolverConfiguration;
- }
-
- /**
- * Sets the connectionBuilderImpl for the proxy.
- * @param connectionBuilderImpl The connectionBuilderImpl to set
- */
- public void setConnectionBuilderImpl(String connectionBuilderImpl) {
- this.connectionBuilderImpl = connectionBuilderImpl;
- }
-
- /**
- * Sets the loginParameterResolverImpl for the proxy.
- * @param loginParameterResolverImpl The loginParameterResolverImpl to set
- */
- public void setLoginParameterResolverImpl(String loginParameterResolverImpl) {
- this.loginParameterResolverImpl = loginParameterResolverImpl;
- }
-
- /**
- * Sets the loginParameterResolverConfiguration for the proxy.
- * @param loginParameterResolverConfiguration The loginParameterResolverImpl to set
- */
- public void setLoginParameterResolverConfiguration(String loginParameterResolverConfiguration) {
- this.loginParameterResolverConfiguration = loginParameterResolverConfiguration;
- }
-
- /**
- * Returns the oaConfiguration.
- * @return OAConfiguration
- */
- public OAConfiguration getOaConfiguration() {
- return oaConfiguration;
- }
-
- /**
- * Sets the oaConfiguration.
- * @param oaConfiguration The oaConfiguration to set
- */
- public void setOaConfiguration(OAConfiguration oaConfiguration) {
- this.oaConfiguration = oaConfiguration;
- }
-
-/**
- * @return the errorRedirctURL
- */
-public String getErrorRedirctURL() {
- return errorRedirctURL;
-}
-
-/**
- * @param errorRedirctURL the errorRedirctURL to set
- */
-public void setErrorRedirctURL(String errorRedirctURL) {
- this.errorRedirctURL = errorRedirctURL;
-}
-
-
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationBuilder.java
deleted file mode 100644
index 3220dc90c..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationBuilder.java
+++ /dev/null
@@ -1,290 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.config.proxy;
-
-import java.io.ByteArrayInputStream;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-
-import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-import org.w3c.dom.traversal.NodeIterator;
-
-import at.gv.egovernment.moa.id.config.legacy.ConfigurationBuilder;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.legacy.ConnectionParameter;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.FileUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Builds the configuration for MOA-ID Proxy.
- */
-public class ProxyConfigurationBuilder extends ConfigurationBuilder {
-
- /**
- * Default online application configuration file name
- * (used when <code>/OnlineApplication/ProxyComponent@configFileURL</code> is <code>null</code>).
- */
- public static final String DEFAULT_OA_CONFIG_FILENAME = "MOAConfig.xml";
-
- /** an XPATH-Expression */
- private static final String PROXY_AUTH_XPATH =
- ROOT + CONF + "ProxyComponent/" + CONF + "AuthComponent";
- /** an XPATH-Expression */
- protected static final String ROOTOA = "/" + CONF + "Configuration/";
- /** an XPATH-Expression */
- private static final String OA_PROXY_COMPONENT_XPATH = CONF + "ProxyComponent";
- /** an XPATH-Expression */
- private static final String OA_PROXY_COMPONENT_ABSOLUTE_XPATH = ROOT + CONF + "OnlineApplication/" + CONF + "ProxyComponent";
- /** an XPATH-Expression */
- private static final String OA_PROXY_URL_XPATH = CONF + "ProxyComponent/@configFileURL";
- /** an XPATH-Expression */
- private static final String OA_PROXY_SESSION_TIMEOUT_XPATH = CONF + "ProxyComponent/@sessionTimeOut";
- /** an XPATH-Expression */
- private static final String OA_PROXY_LOGIN_PARA_XPATH = CONF + "ProxyComponent/@loginParameterResolverImpl";
- /** an XPATH-Expression */
- private static final String OA_PROXY_LOGIN_PARA_CONF_XPATH = CONF + "ProxyComponent/@loginParameterResolverConfiguration";
-
- private static final String OA_PROXY_CONNECTION_BUILDER_XPATH = CONF + "ProxyComponent/@connectionBuilderImpl";
- /** an XPATH-Expression */
- private static final String OA_PROXY_ERROR_REDIRECT_URL_XPATH = CONF + "ProxyComponent/@errorRedirectURL";
- /** an XPATH-Expression */
- protected static final String OACONF_LOGIN_TYPE_XPATH =
- ROOTOA + CONF + "LoginType";
- /** an XPATH-Expression */
- protected static final String OACONF_BINDING_TYPE_XPATH =
- ROOTOA + CONF + "Binding";
- /** an XPATH-Expression */
- protected static final String OACONF_PARAM_AUTH_PARAMETER_XPATH =
- ROOTOA + CONF + "ParamAuth/" + CONF + "Parameter";
- /** an XPATH-Expression */
- protected static final String OACONF_USER_ID_XPATH =
- ROOTOA + CONF + "BasicAuth/" + CONF + "UserID";
- /** an XPATH-Expression */
- protected static final String OACONF_PASSWORD_XPATH =
- ROOTOA + CONF + "BasicAuth/" + CONF + "Password";
- /** an XPATH-Expression */
- protected static final String OACONF_HEADER_AUTH_HEADER_XPATH =
- ROOTOA + CONF + "HeaderAuth/" + CONF + "Header";
-
- /**
- * Creates a new <code>MOAConfigurationProvider</code>.
- *
- * @param configElem The root element of the MOA-ID configuration.
- */
- public ProxyConfigurationBuilder(Element configElem, String rootConfigDir) {
- super(configElem, rootConfigDir);
- }
-
- /**
- * Method buildOAConfiguration.
- *
- * Build an {@link OAConfiguration} Object from the given configuration DOM element
- *
- * @param root
- * @return OAConfiguration
- * @throws ConfigurationException
- */
- public OAConfiguration buildOAConfiguration(Element root) throws ConfigurationException{
-
- OAConfiguration oaConfiguration = new OAConfiguration();
-
- //The LoginType hast to be "stateless" or "stateful" to be valid
-
- oaConfiguration.setLoginType(
- XPathUtils.getElementValue(root, OACONF_LOGIN_TYPE_XPATH, null));
-
- oaConfiguration.setBinding(
- XPathUtils.getElementValue(root, OACONF_BINDING_TYPE_XPATH, OAConfiguration.BINDUNG_FULL));
-
- //Try to build the Parameter Auth Parameters
- NodeIterator paramAuthIter =
- XPathUtils.selectNodeIterator(
- root,
- OACONF_PARAM_AUTH_PARAMETER_XPATH);
- Element paramAuthElem;
- HashMap paramAuthMap = new HashMap();
- while ((paramAuthElem = (Element) paramAuthIter.nextNode()) != null) {
- String name = XPathUtils.getAttributeValue(paramAuthElem, "@Name", null);
- String value = XPathUtils.getAttributeValue(paramAuthElem, "@Value", null);
- if (paramAuthMap.containsKey(name))
- throw new ConfigurationException("config.06", new Object[]{"Doppelter Wert für Parameter per HeaderAuthentication"});
- paramAuthMap.put(name, value);
- }
- oaConfiguration.setParamAuthMapping(paramAuthMap);
- // Try to build the BasicAuthParameters
- oaConfiguration.setBasicAuthUserIDMapping(
- XPathUtils.getElementValue(root, OACONF_USER_ID_XPATH, null));
- oaConfiguration.setBasicAuthPasswordMapping(
- XPathUtils.getElementValue(root, OACONF_PASSWORD_XPATH, null));
-
- //Try to build the Parameter Auth Parameters
- NodeIterator headerAuthIter = XPathUtils.selectNodeIterator(root,OACONF_HEADER_AUTH_HEADER_XPATH);
-
- Element headerAuthElem;
- HashMap headerAuthMap = new HashMap();
- while ((headerAuthElem = (Element) headerAuthIter.nextNode()) != null) {
- String name =
- XPathUtils.getAttributeValue(headerAuthElem, "@Name", null);
- String value =
- XPathUtils.getAttributeValue(headerAuthElem, "@Value", null);
- // Contains Key (Neue Config-Exception: doppelte werte)
- if (headerAuthMap.containsKey(name))
- throw new ConfigurationException("config.06", new Object[]{"Doppelter Wert für Parameter per HeaderAuthentication"});
- headerAuthMap.put(name, value);
- }
- oaConfiguration.setHeaderAuthMapping(headerAuthMap);
-
- if (paramAuthMap.size() == 0) {
- if (oaConfiguration.getBasicAuthUserIDMapping() == null) {
- oaConfiguration.setAuthType(OAConfiguration.HEADER_AUTH);
- }
- else
- oaConfiguration.setAuthType(OAConfiguration.BASIC_AUTH);
- }
- else
- oaConfiguration.setAuthType(OAConfiguration.PARAM_AUTH);
-
- return oaConfiguration;
- }
-
-
- /**
- * Build an array of OnlineApplication Parameter Beans containing information
- * about the proxy component
- * @return An OAProxyParameter array containing beans
- * with all relevant information for the proxy component of the online
- * application
- */
- public OAProxyParameter[] buildOnlineApplicationProxyParameters() throws ConfigurationException{
-
- List oA_list = new ArrayList();
- NodeList OAIter = XPathUtils.selectNodeList(configElem_, OA_XPATH);
-
- for (int i = 0; i < OAIter.getLength(); i++) {
- Element oAElem = (Element) OAIter.item(i);
-
- Element proxyComponentElem = (Element) XPathUtils.selectSingleNode(oAElem,OA_PROXY_COMPONENT_XPATH);
- if (proxyComponentElem != null) {
- OAProxyParameter oap = new OAProxyParameter();
-
- oap.setPublicURLPrefix(oAElem.getAttribute("publicURLPrefix"));
- oap.setOaType(oAElem.getAttribute("type"));
- oap.setConfigFileURL(XPathUtils.getAttributeValue(oAElem, OA_PROXY_URL_XPATH, null));
- oap.setConfigFileURL(FileUtils.makeAbsoluteURL(oap.getConfigFileURL(), rootConfigFileDir_));
- // default session time out: 3600 sec = 1 h
- oap.setSessionTimeOut(new Integer(XPathUtils.getAttributeValue(oAElem,OA_PROXY_SESSION_TIMEOUT_XPATH,"3600")).intValue());
- oap.setLoginParameterResolverImpl(XPathUtils.getAttributeValue(oAElem, OA_PROXY_LOGIN_PARA_XPATH, null));
- oap.setLoginParameterResolverConfiguration(XPathUtils.getAttributeValue(oAElem, OA_PROXY_LOGIN_PARA_CONF_XPATH, null));
- oap.setLoginParameterResolverConfiguration(FileUtils.makeAbsoluteURL(oap.getLoginParameterResolverConfiguration(), rootConfigFileDir_));
- oap.setConnectionBuilderImpl(XPathUtils.getAttributeValue(oAElem,OA_PROXY_CONNECTION_BUILDER_XPATH, null));
- oap.setErrorRedirctURL(XPathUtils.getAttributeValue(oAElem,OA_PROXY_ERROR_REDIRECT_URL_XPATH, null));
-
- ConnectionParameter conPara = buildConnectionParameter(proxyComponentElem);
- oap.setConnectionParameter(conPara);
-
- OAConfiguration oaConf = buildOAConfiguration(getOAConfigElement(oap));
- oap.setOaConfiguration(oaConf);
-
- oA_list.add(oap);
- }
- }
- OAProxyParameter[] result =
- new OAProxyParameter[oA_list.size()];
- oA_list.toArray(result);
-
- return result;
-
- }
-
- /**
- * Reads the configuration file of the online application, and creates a DOM tree from it.
- * If <code>/OnlineApplication/ProxyComponent@configFileURL</code> is not given,
- * uses default configuration file location.
- *
- * @param oap configuration data of online application, meant for use by MOA-ID-PROXY
- * @return Element DOM tree root element
- * @throws ConfigurationException on any exception thrown
- */
- private Element getOAConfigElement(OAProxyParameter oap) throws ConfigurationException
- {
- try {
- String configFileURL = oap.getConfigFileURL();
- if (configFileURL == null) {
- // use default config file URL, when config file URL is not given
- configFileURL = oap.getConnectionParameter().getUrl();
- if (configFileURL.charAt(configFileURL.length() - 1) != '/')
- configFileURL += "/";
- configFileURL += DEFAULT_OA_CONFIG_FILENAME;
- }
- Logger.info("Loading MOA-OA configuration " + configFileURL);
- Element configElem = DOMUtils.parseXmlValidating(
- new ByteArrayInputStream(FileUtils.readURL(configFileURL)));
- return configElem;
- }
- catch (Throwable t) {
- throw new ConfigurationException("config.03", new Object[] {"OAConfiguration"} , t);
- }
- }
-
- /**
- * Build a bean containing all information about the ProxyComponent
- * @return The ConnectionParameter for the Proxy Component
- */
- public ConnectionParameter buildAuthComponentConnectionParameter()
- {
-
- Element connectionParameter = (Element) XPathUtils.selectSingleNode(configElem_, PROXY_AUTH_XPATH);
- if (connectionParameter==null) return null;
- return buildConnectionParameter(connectionParameter);
-
- }
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java
deleted file mode 100644
index 66d330d20..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java
+++ /dev/null
@@ -1,260 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.config.proxy;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.net.MalformedURLException;
-
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-import at.gv.egovernment.moa.id.config.legacy.ConnectionParameter;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.FileUtils;
-
-/**
- * A class providing access to the Proxy Part of the MOA-ID configuration data.
- *
- * <p>Configuration data is read from an XML file, whose location is given by
- * the <code>moa.id.configuration</code> system property.</p>
- * <p>This class implements the Singleton pattern. The <code>reload()</code>
- * method can be used to update the configuration data. Therefore, it is not
- * guaranteed that consecutive calls to <code>getInstance()</code> will return
- * the same <code>ProxyConfigurationProvider</code> all the time. During the
- * processing of a web service request, the current
- * <code>TransactionContext</code> should be used to obtain the
- * <code>ProxyConfigurationProvider</code> local to that request.</p>
- *
- * @author Stefan Knirsch
- */
-public class ProxyConfigurationProvider extends ConfigurationProvider {
-
- /** Singleton instance. <code>null</code>, if none has been created. */
- private static ProxyConfigurationProvider instance;
-
-
- //
- // configuration data
- //
- /**
- * connection parameters for connection to MOA ID Auth component
- */
- private ConnectionParameter authComponentConnectionParameter;
- /**
- * configuration parameters for online applications
- */
- private OAProxyParameter[] onlineApplicationProxyParameter;
-
- /**
- * Return the single instance of configuration data.
- *
- * @return ProxyConfigurationProvider The current configuration data.
- * @throws ConfigurationException
- */
- public static synchronized ProxyConfigurationProvider getInstance()
- throws ConfigurationException {
-
- if (instance == null) {
- reload();
- }
- return instance;
- }
-
- /**
- * Reload the configuration data and set it if successful.
- *
- * @return ProxyConfigurationProvider The loaded configuration data.
- * @throws ConfigurationException Failure to load the configuration data.
- */
- public static synchronized ProxyConfigurationProvider reload()
- throws ConfigurationException {
- String fileName = System.getProperty(PROXY_CONFIG_PROPERTY_NAME);
- if (fileName == null) {
- throw new ConfigurationException("config.20", null);
- }
- Logger.info("Loading MOA-ID-PROXY configuration " + fileName);
-
- instance = new ProxyConfigurationProvider(fileName);
- return instance;
- }
-
- /**
- * Constructor for ProxyConfigurationProvider.
- */
- public ProxyConfigurationProvider(String fileName)
- throws ConfigurationException {
-
- load(fileName);
- }
-
- /**
- * Load the configuration data from XML file with the given name and build
- * the internal data structures representing the MOA configuration.
- *
- * @param fileName The name of the XML file to load.
- * @throws ConfigurationException The MOA configuration could not be
- * read/built.
- */
- private void load(String fileName) throws ConfigurationException {
- FileInputStream stream = null;
- Element configElem;
- ProxyConfigurationBuilder builder;
-
- try {
- // load the main config file
- stream = new FileInputStream(fileName);
- configElem = DOMUtils.parseXmlValidating(stream);
- }
- catch (Throwable t) {
- throw new ConfigurationException("config.03", null, t);
- }
- finally {
- try {
- if (stream != null) {
- stream.close();
- }
- }
- catch (IOException e) {
- }
- }
- try {
- // determine the directory of the root config file
- rootConfigFileDir = new File(fileName).getParent();
- try {
- rootConfigFileDir = new File(rootConfigFileDir).toURL().toString();
- } catch (MalformedURLException t) {
- throw new ConfigurationException("config.03", null, t);
- }
-
- // build the internal datastructures
- builder = new ProxyConfigurationBuilder(configElem, rootConfigFileDir);
- authComponentConnectionParameter = builder.buildAuthComponentConnectionParameter();
-
- onlineApplicationProxyParameter = builder.buildOnlineApplicationProxyParameters();
- for(int i = 0; i < onlineApplicationProxyParameter.length; i++) {
- onlineApplicationProxyParameter[i].setConfigFileURL(FileUtils.makeAbsoluteURL(onlineApplicationProxyParameter[i].getConfigFileURL(), rootConfigFileDir));
- }
-
- genericConfiguration = builder.buildGenericConfiguration();
- defaultChainingMode = builder.getDefaultChainingMode();
- chainingModes = builder.buildChainingModes();
- trustedCACertificates = builder.getTrustedCACertificates();
- trustedCACertificates = FileUtils.makeAbsoluteURL(trustedCACertificates, rootConfigFileDir);
-
- }
- catch (Throwable t) {
- throw new ConfigurationException("config.02", null, t);
- }
- }
-
- public String getTrustedCACertificates() {
-
- return trustedCACertificates;
- }
-
- /**
- * @return the certstoreDirectory
- */
- public String getCertstoreDirectory() {
- if (genericConfiguration.containsKey(ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY))
- return (String)genericConfiguration.get(ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY);
- else
- return null;
- }
-
- /**
- * @return the trustmanagerrevoationchecking
- */
- public boolean isTrustmanagerrevoationchecking() {
- if (genericConfiguration.containsKey(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING))
- return Boolean.valueOf((String)genericConfiguration.get(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING));
- else
- return true;
- }
-
-
- /**
- * Return a bean containing all information about the ProxyComponent
- * @return The ConnectionParameter for the Proxy Component
- */
- public ConnectionParameter getAuthComponentConnectionParameter() {
- return authComponentConnectionParameter;
- }
-
- /**
- * Build an array of OnlineApplication Parameter Beans containing all
- * information about the proxy component of the online application
- * @return An OAProxyParameter array containing beans
- * with all relevant information for the proxy component of the online
- * application
- */
- public OAProxyParameter[] getOnlineApplicationParameters() {
- return onlineApplicationProxyParameter;
- }
- /**
- * Provides configuration information regarding the online application behind
- * the given URL, relevant to the MOA-ID Proxy component.
- *
- * @param oaURL URL requested for an online application
- * @return an <code>OAProxyParameter</code>, or <code>null</code>
- * if none is applicable
- */
- public OAProxyParameter getOnlineApplicationParameter(String oaURL) {
- OAProxyParameter[] oaParams = getOnlineApplicationParameters();
- for (int i = 0; i < oaParams.length; i++) {
- OAProxyParameter oaParam = oaParams[i];
- if (oaURL.startsWith(oaParam.getPublicURLPrefix()))
- return oaParam;
- }
- return null;
- }
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
index 136b40295..9532aa9ab 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
@@ -25,7 +25,6 @@
*/
package at.gv.egovernment.moa.id.config.stork;
-import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
@@ -33,16 +32,14 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
+import java.util.Set;
-import at.gv.egovernment.moa.id.commons.db.dao.config.SAMLSigningParameter;
-import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
-import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.StringUtils;
-import org.opensaml.ws.message.encoder.MessageEncodingException;
-import org.xml.sax.SAXException;
-
-import javax.xml.parsers.ParserConfigurationException;
/**
* Encapsulates several STORK configuration parameters according MOA configuration
@@ -54,63 +51,71 @@ public class STORKConfig {
/** STORK SAML signature creation parameters */
private Properties props = null;
- private Map<String, CPEPS> cpepsMap = null;
+ private Map<String, CPEPS> cpepsMap = new HashMap<String, CPEPS>();
private String basedirectory = null;
private SignatureVerificationParameter sigverifyparam = null;
private List<StorkAttribute> attr = null;
- public STORKConfig(STORK stork, Properties props, String basedirectory) {
+ public STORKConfig(Properties props, String basedirectory) throws ConfigurationException {
this.basedirectory = basedirectory;
this.props = props;
//create CPEPS map
- //List<at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS> cpeps = stork.getCPEPS();
- List<at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS> cpeps = new ArrayList<at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS>(); // TODO Change this
-
- try {
- cpeps = stork.getCPEPS();
-
- } catch (NullPointerException ex) {
- Logger.error("CPEPS not configured!");
+ List<CPEPS> cpeps = new ArrayList<CPEPS>();
+
+ Map<String, String> storkCPEPSProps =
+ AuthConfigurationProviderFactory.getInstance().getConfigurationWithPrefix(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST + ".");
+ if (storkCPEPSProps != null) {
+ Set<String> keyValues = storkCPEPSProps.keySet();
+ for (Object elObj : keyValues) {
+ if (elObj instanceof String) {
+ String el = (String) elObj;
+ if (el.endsWith(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY)) {
+ int index = el.indexOf(".");
+ String listCounter = el.substring(0, index);
+
+ if (MiscUtil.isNotEmpty(storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY))) {
+ try {
+ CPEPS moacpep =
+ new CPEPS(storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY),
+ new URL(storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL)),
+ Boolean.valueOf(storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_SUPPORT_XMLDSIG)));
+ cpepsMap.put(moacpep.getCountryCode(), moacpep);
+
+ } catch (MalformedURLException e) {
+ Logger.warn("CPEPS URL " +
+ storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL) +
+ " are not parseable.", e);
+
+ }
+ }
+ }
+ }
+ }
+ }
+
+ attr = new ArrayList<StorkAttribute>();
+ Map<String, String> storkAttributeProps =
+ AuthConfigurationProviderFactory.getInstance().getConfigurationWithPrefix(
+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST);
+ if (storkAttributeProps != null) {
+ Set<String> keyValues = storkAttributeProps.keySet();
+ for (Object elObj : keyValues) {
+ if (elObj instanceof String) {
+ String el = (String) elObj;
+ if (el.endsWith(MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME)) {
+ int index = el.indexOf(".");
+ String listCounter = el.substring(0, index);
+ StorkAttribute moaStorkAttr =
+ new StorkAttribute(storkAttributeProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME),
+ Boolean.valueOf(storkAttributeProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY)));
+ attr.add(moaStorkAttr);
+ }
+ }
+ }
}
-
- cpepsMap = new HashMap<String, CPEPS>();
-
- if (cpeps != null) {
- for(at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS cpep : cpeps) {
-
- try {
- CPEPS moacpep = new CPEPS(cpep.getCountryCode(), new URL(cpep.getURL()), cpep.isSupportsXMLSignature());
-
- cpepsMap.put(cpep.getCountryCode(), moacpep);
-
- } catch (MalformedURLException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
- + cpep.getCountryCode() + " has an invalid URL and is ignored.");
- }
- }
- /*catch (ParserConfigurationException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
- + cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
- } catch (SAXException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
- + cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
- } catch (IOException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
- + cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
- } catch (MessageEncodingException e) {
- Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
- + cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
- }*/
- }
- attr = new ArrayList<StorkAttribute>();
- if (stork != null && stork.getAttributes() != null) {
- for(StorkAttribute current : stork.getAttributes()) {
- attr.add(current);
- }
- }
-
}
public SignatureCreationParameter getSignatureCreationParameter() {
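Review bot: The two `getConfigurationWithPrefix` calls in the new constructor pass the prefix differently, `GENERAL_AUTH_STORK_CPEPS_LIST + "."` for the C-PEPS list but the bare `GENERAL_AUTH_STORK_ATTRIBUTES_LIST` for the attribute list, while both loops parse the returned keys the same way with `el.substring(0, el.indexOf("."))`. How the provider strips the prefix is not visible in this hunk, but if it strips exactly what is passed, attribute keys would start with a dot, `listCounter` would be empty and each `StorkAttribute` would be built from a null name. The parse is also unguarded: a key without a dot makes `indexOf` return -1, and `substring` then throws an unchecked exception out of the constructor, unlike the malformed-URL case, which is logged and skipped. I would use the same prefix form in both calls and skip such keys with `if (index <= 0) continue;`. Separately, `new URL(...)` accepts any scheme, so a C-PEPS entry configured with `http:` is registered without complaint; if plain HTTP is never intended for these endpoints, check `getProtocol()` here and log and skip the entry.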
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/StorkAttribute.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/StorkAttribute.java
new file mode 100644
index 000000000..87ec7fb0c
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/StorkAttribute.java
@@ -0,0 +1,27 @@
+package at.gv.egovernment.moa.id.config.stork;
+
+public class StorkAttribute {
+
+ protected Boolean mandatory;
+ protected String name;
+
+ public StorkAttribute(String name, boolean mandatory) {
+ this.name = name;
+ this.mandatory = mandatory;
+ }
+
+ public Boolean getMandatory() {
+ return mandatory;
+ }
+ public void setMandatory(Boolean mandatory) {
+ this.mandatory = mandatory;
+ }
+ public String getName() {
+ return name;
+ }
+ public void setName(String name) {
+ this.name = name;
+ }
+
+
+}
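Review bot: `mandatory` is declared as a boxed `Boolean` although the constructor takes a primitive `boolean`, so the field can only become null through `setMandatory(Boolean)`, and a caller that then unboxes `getMandatory()` fails with a NullPointerException. Unless an "unset" state is intended, I would store it as `private boolean mandatory;` and keep the accessor names if existing callers rely on them, which is not visible here. Both fields are `protected` with no subclass shown in this commit; `private` would match the sibling `StorkAttributeProviderPlugin`. The file also lacks the EUPL header and any class Javadoc, both of which the other new file in this package has.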
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/StorkAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/StorkAttributeProviderPlugin.java
new file mode 100644
index 000000000..619af2358
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/StorkAttributeProviderPlugin.java
@@ -0,0 +1,81 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.stork;
+
+/**
+ * @author tlenz
+ *
+ */
+public class StorkAttributeProviderPlugin {
+ private String name = null;
+ private String url = null;
+ private String attributes = null;
+
+ /**
+ *
+ */
+ public StorkAttributeProviderPlugin(String name, String url, String attributes) {
+ this.name = name;
+ this.url = url;
+ this.attributes = attributes;
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+ /**
+ * @return the url
+ */
+ public String getUrl() {
+ return url;
+ }
+ /**
+ * @param url the url to set
+ */
+ public void setUrl(String url) {
+ this.url = url;
+ }
+ /**
+ * @return the attributes
+ */
+ public String getAttributes() {
+ return attributes;
+ }
+ /**
+ * @param attributes the attributes to set
+ */
+ public void setAttributes(String attributes) {
+ this.attributes = attributes;
+ }
+
+
+}
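Review bot: The constructor has an empty Javadoc block and the class comment holds only `@author`, so nothing states what `attributes` contains (one attribute name or a delimited list) or what `url` points to. I would document the three parameters on the constructor, for example `@param attributes attribute names served by this plugin, in the format the configuration stores them`, with the actual format filled in by the author. `url` is also kept as a plain `String`, whereas the `STORKConfig` constructor in this commit parses C-PEPS endpoints with `new URL(...)` at load time. A malformed or non-HTTPS plugin URL would therefore only surface where the value is finally used, which is outside this diff section. Validating it where the plugin is constructed would keep the two consistent.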