aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2018-07-16 18:34:17 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2018-07-16 18:34:17 +0200
commit43b57a3c903669fc9de36c46e99773bac97a2102 (patch)
tree1e5cd74c040f79709d0265acb134bb50085848e3 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config
parent05d5c29bb3be38d40484f9c5bb5fdbdc131cba9f (diff)
parent4ae32fabc822b3c8ed51d380969f7db682d1bfae (diff)
downloadmoa-id-spss-43b57a3c903669fc9de36c46e99773bac97a2102.tar.gz
moa-id-spss-43b57a3c903669fc9de36c46e99773bac97a2102.tar.bz2
moa-id-spss-43b57a3c903669fc9de36c46e99773bac97a2102.zip
Merge branch 'huge_refactoring' into development_preview
# Conflicts: # id/server/doc/handbook/config/config.html # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java # id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java # id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java # id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java90
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java (renamed from id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java)347
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java422
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java69
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/UserWhitelistStore.java154
5 files changed, 664 insertions, 418 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java
index 8b0134f9c..f44ec756e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java
@@ -46,14 +46,17 @@
package at.gv.egovernment.moa.id.config;
+import java.net.MalformedURLException;
import java.util.ArrayList;
import java.util.Map;
import java.util.Properties;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.impl.idp.conf.AbstractConfigurationImpl;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EAAFDefaultSAML2Bootstrap;
import at.gv.egovernment.moa.id.commons.api.ConfigurationProvider;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.config.SpringProfileConstants;
-import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.util.config.EgovUtilPropertiesConfiguration;
@@ -65,14 +68,15 @@ import at.gv.util.config.EgovUtilPropertiesConfiguration;
* @author Paul Ivancsics
* @version $Id$
*/
-public abstract class ConfigurationProviderImpl implements ConfigurationProvider{
+public abstract class ConfigurationProviderImpl extends AbstractConfigurationImpl implements ConfigurationProvider{
/**
* Constructor
+ * @throws EAAFConfigurationException
*/
- public ConfigurationProviderImpl() {
-
- super();
+ public ConfigurationProviderImpl(String configFilePath) throws EAAFConfigurationException {
+ super(configFilePath);
+
}
private EgovUtilPropertiesConfiguration eGovUtilsConfig = null;
@@ -117,26 +121,7 @@ public abstract class ConfigurationProviderImpl implements ConfigurationProvider
/** The default chaining mode. */
protected String defaultChainingMode = "pkix";
-
- /**
- * main configuration file directory name used to configure MOA-ID
- */
- protected String rootConfigFileDir;
-
-
- protected Properties configProp = null;
-
- /**
- * Returns the main configuration file directory used to configure MOA-ID
- *
- * @return the directory
- */
- public String getRootConfigFileDir() {
- return rootConfigFileDir;
- }
-
-
public String getDefaultChainingMode() {
return defaultChainingMode;
}
@@ -147,15 +132,17 @@ public abstract class ConfigurationProviderImpl implements ConfigurationProvider
* @return
*/
public Properties getDBConnectionConfiguration() {
- return this.configProp;
+ return getFullConfigurationProperties();
+
}
/**
* @param properties
* @throws ConfigurationException
* @throws org.opensaml.xml.ConfigurationException
+ * @throws MalformedURLException
*/
- public void initial(Properties props) throws ConfigurationException, org.opensaml.xml.ConfigurationException {
+ protected void initial(Properties props) throws ConfigurationException, org.opensaml.xml.ConfigurationException, MalformedURLException {
//Initial Hibernate Framework
Logger.trace("Initializing Hibernate framework.");
try {
@@ -174,7 +161,7 @@ public abstract class ConfigurationProviderImpl implements ConfigurationProvider
}
// read Config Hibernate properties
- configProp = new Properties();
+ Properties configProp = new Properties();
for (Object key : props.keySet()) {
String propPrefix = "configuration.";
if (key.toString().startsWith(propPrefix+"hibernate")) {
@@ -192,37 +179,7 @@ public abstract class ConfigurationProviderImpl implements ConfigurationProvider
statisticProps.put(propertyName, props.get(key.toString()));
}
}
-
-// // initialize hibernate
-// synchronized (ConfigurationProviderImpl.class) {
-//
-// //Initial config Database
-// // ConfigurationDBUtils.initHibernate(configProp);
-//
-// //initial MOAID Session Database
-// Configuration config = new Configuration();
-// config.addAnnotatedClass(AssertionStore.class);
-// config.addAnnotatedClass(AuthenticatedSessionStore.class);
-// config.addAnnotatedClass(OASessionStore.class);
-// config.addAnnotatedClass(OldSSOSessionIDStore.class);
-// config.addAnnotatedClass(InterfederationSessionStore.class);
-// //config.addAnnotatedClass(ProcessInstanceStore.class);
-// config.addProperties(moaSessionProp);
-// //MOASessionDBUtils.initHibernate(config, moaSessionProp);
-//
-// //initial advanced logging
-//// if (Boolean.valueOf(props.getProperty("configuration.advancedlogging.active", "false"))) {
-//// Logger.info("Advanced statistic log is activated, starting initialization process ...");
-//// Configuration statisticconfig = new Configuration();
-//// statisticconfig.addAnnotatedClass(StatisticLog.class);
-//// statisticconfig.addProperties(statisticProps);
-//// StatisticLogDBUtils.initHibernate(statisticconfig, statisticProps);
-//// Logger.info("Advanced statistic log is initialized.");
-//// }
-//
-// }
-// Logger.trace("Hibernate initialization finished.");
-
+
} catch (ExceptionInInitializerError e) {
throw new ConfigurationException("config.17", null, e);
@@ -234,7 +191,7 @@ public abstract class ConfigurationProviderImpl implements ConfigurationProvider
//Initialize OpenSAML for STORK
Logger.info("Starting initialization of OpenSAML...");
- MOADefaultBootstrap.bootstrap();
+ EAAFDefaultSAML2Bootstrap.bootstrap();
//DefaultBootstrap.bootstrap();
Logger.debug("OpenSAML successfully initialized");
@@ -251,7 +208,7 @@ public abstract class ConfigurationProviderImpl implements ConfigurationProvider
if (!eGovUtilsConfigProp.isEmpty()) {
Logger.info("Start eGovUtils client implementation configuration ...");
eGovUtilsConfig =
- new EgovUtilPropertiesConfiguration(eGovUtilsConfigProp, rootConfigFileDir);
+ new EgovUtilPropertiesConfiguration(eGovUtilsConfigProp, getConfigurationRootDirectory().toURL().toString());
}
this.generateActiveProfiles(props);
@@ -291,5 +248,18 @@ public abstract class ConfigurationProviderImpl implements ConfigurationProvider
Logger.debug("Set active Spring-Profiles to: " + activeProfiles);
return activeProfiles.toArray(new String[0]);
}
+
+ public String getRootConfigFileDir() throws ConfigurationException {
+ try {
+ return getConfigurationRootDirectory().toURL().toString();
+
+ } catch (MalformedURLException e) {
+ Logger.error("Can not read Config-Root Directory.", e);
+ throw new ConfigurationException("config.03", null, e);
+
+ }
+
+
+ }
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java
index 5642861c5..a2dfeba2f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java
@@ -52,20 +52,19 @@ import java.security.PrivateKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
-import java.util.Collections;
import java.util.HashMap;
-import java.util.Iterator;
import java.util.List;
import java.util.Map;
-import java.util.Map.Entry;
import java.util.Set;
import org.apache.commons.lang.SerializationUtils;
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.MOAIDConstants;
-import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.IStorkConfig;
import at.gv.egovernment.moa.id.commons.api.data.BPKDecryptionParameters;
@@ -75,8 +74,7 @@ import at.gv.egovernment.moa.id.commons.api.data.StorkAttribute;
import at.gv.egovernment.moa.id.commons.api.data.StorkAttributeProviderPlugin;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
-import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
-import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper;
+import at.gv.egovernment.moa.id.commons.validation.TargetValidator;
import at.gv.egovernment.moa.id.data.EncryptedData;
import at.gv.egovernment.moa.id.util.ConfigurationEncrytionUtil;
import at.gv.egovernment.moa.logging.Logger;
@@ -91,56 +89,24 @@ import at.gv.egovernment.moa.util.MiscUtil;
*
* @author Thomas Lenz
*/
-public class OAAuthParameter implements IOAAuthParameters, Serializable{
+public class OAAuthParameterDecorator implements IOAAuthParameters, Serializable{
- /**
- *
- */
private static final long serialVersionUID = -6522544229837934376L;
-
final public static String DEFAULT_KEYBOXIDENTIFIER = "SecureSignatureKeypair";
- private Map<String, String> oaConfiguration;
- private List<String> targetAreasWithNoInteralBaseIdRestriction = new ArrayList<String>();
- private List<String> targetAreasWithNoBaseIdTransmissionRestriction = new ArrayList<String>();
+
+ private ISPConfiguration spConfiguration;
+
- public OAAuthParameter(final Map<String, String> oa, AuthConfiguration authConfig) {
- this.oaConfiguration = oa;
-
- //set oa specific restrictions
- targetAreasWithNoInteralBaseIdRestriction = KeyValueUtils.getListOfCSVValues(
- authConfig.getBasicMOAIDConfiguration(
- CONFIG_KEY_RESTRICTIONS_BASEID_INTERNAL,
- MOAIDAuthConstants.PREFIX_CDID));
-
- targetAreasWithNoBaseIdTransmissionRestriction = KeyValueUtils.getListOfCSVValues(
- authConfig.getBasicMOAIDConfiguration(
- CONFIG_KEY_RESTRICTIONS_BASEID_TRANSMISSION,
- MOAIDAuthConstants.PREFIX_CDID));
-
- if (Logger.isTraceEnabled()) {
- Logger.trace("Internal policy for OA: " + getPublicURLPrefix());
- for (String el : targetAreasWithNoInteralBaseIdRestriction)
- Logger.trace(" Allow baseID processing for prefix " + el);
- for (String el : targetAreasWithNoBaseIdTransmissionRestriction)
- Logger.trace(" Allow baseID transfer for prefix " + el);
-
- }
- }
+ public OAAuthParameterDecorator(ISPConfiguration spConfiguration) {
+ this.spConfiguration = spConfiguration;
+ }
-
- public Map<String, String> getFullConfiguration() {
- return Collections.unmodifiableMap(this.oaConfiguration);
- }
-
- public String getConfigurationValue(String key) {
- return this.oaConfiguration.get(key);
- }
-
+
@Override
- public boolean hasBaseIdInternalProcessingRestriction() throws ConfigurationException {
+ public boolean hasBaseIdInternalProcessingRestriction() {
String targetAreaIdentifier = getAreaSpecificTargetIdentifier();
- for (String el : targetAreasWithNoInteralBaseIdRestriction) {
+ for (String el : spConfiguration.getTargetsWithNoBaseIdInternalProcessingRestriction()) {
if (targetAreaIdentifier.startsWith(el))
return false;
@@ -150,9 +116,9 @@ public class OAAuthParameter implements IOAAuthParameters, Serializable{
}
@Override
- public boolean hasBaseIdTransferRestriction() throws ConfigurationException {
+ public boolean hasBaseIdTransferRestriction() {
String targetAreaIdentifier = getAreaSpecificTargetIdentifier();
- for (String el : targetAreasWithNoBaseIdTransmissionRestriction) {
+ for (String el : spConfiguration.getTargetsWithNoBaseIdTransferRestriction()) {
if (targetAreaIdentifier.startsWith(el))
return false;
@@ -162,7 +128,7 @@ public class OAAuthParameter implements IOAAuthParameters, Serializable{
}
@Override
- public String getAreaSpecificTargetIdentifier() throws ConfigurationException {
+ public String getAreaSpecificTargetIdentifier() {
if (getBusinessService())
return getIdentityLinkDomainIdentifier();
else
@@ -185,8 +151,8 @@ public class OAAuthParameter implements IOAAuthParameters, Serializable{
*/
//@Override
private String getIdentityLinkDomainIdentifier() {
- String type = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE);
- String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE);
+ String type = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE);
+ String value = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE);
if (MiscUtil.isNotEmpty(type) && MiscUtil.isNotEmpty(value)) {
if (MOAIDConstants.IDENIFICATIONTYPE_STORK.equals(type)) {
return MOAIDConstants.PREFIX_STORK + "AT" + "+" + value;
@@ -208,7 +174,7 @@ private String getIdentityLinkDomainIdentifier() {
*/
//@Override
private String getIdentityLinkDomainIdentifierType() {
- String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE);
+ String value = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE);
if (MiscUtil.isNotEmpty(value))
return MOAIDConfigurationConstants.BUSINESSSERVICENAMES.get(value);
@@ -221,17 +187,17 @@ private String getIdentityLinkDomainIdentifierType() {
*/
//@Override
private String getTarget() {
- if (Boolean.parseBoolean(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_OWN)))
- return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_TARGET);
+ if (Boolean.parseBoolean(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_OWN)))
+ return spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_TARGET);
else {
- if (Boolean.parseBoolean(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_SUB))) {
- return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET)
+ if (Boolean.parseBoolean(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_SUB))) {
+ return spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET)
+ "-"
- + oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB);
+ + spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB);
} else {
- return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET);
+ return spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET);
}
}
}
@@ -241,11 +207,11 @@ private String getTarget() {
*/
//@Override
private String getTargetFriendlyName() {
- if (Boolean.parseBoolean(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_OWN)))
- return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME);
+ if (Boolean.parseBoolean(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_OWN)))
+ return spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME);
else
- return TargetToSectorNameMapper.getSectorNameViaTarget(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET));
+ return TargetValidator.getTargetFriendlyName(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET));
}
@@ -254,7 +220,7 @@ private String getTargetFriendlyName() {
*/
@Override
public String getKeyBoxIdentifier() {
- String keyBoxId = oaConfiguration.get(
+ String keyBoxId = spConfiguration.getConfigurationValue(
MOAIDConfigurationConstants.SERVICE_AUTH_BKU_KEYBOXIDENTIFIER);
if (MiscUtil.isNotEmpty(keyBoxId))
return keyBoxId;
@@ -269,33 +235,33 @@ public String getKeyBoxIdentifier() {
@Override
public SAML1ConfigurationParameters getSAML1Parameter() {
SAML1ConfigurationParameters returnValue = new SAML1ConfigurationParameters();
- if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_ENABLED))
+ if (spConfiguration.containsConfigurationKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_ENABLED))
returnValue.setActive(
- Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_ENABLED)));
+ Boolean.valueOf(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_ENABLED)));
- if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_AUTHBLOCK))
+ if (spConfiguration.containsConfigurationKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_AUTHBLOCK))
returnValue.setProvideAuthBlock(
- Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_AUTHBLOCK)));
+ Boolean.valueOf(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_AUTHBLOCK)));
- if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_IDL))
+ if (spConfiguration.containsConfigurationKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_IDL))
returnValue.setProvideIdl(
- Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_IDL)));
+ Boolean.valueOf(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_IDL)));
- if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_BASEID))
+ if (spConfiguration.containsConfigurationKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_BASEID))
returnValue.setProvideBaseId(
- Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_BASEID)));
+ Boolean.valueOf(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_BASEID)));
- if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_CERTIFICATE))
+ if (spConfiguration.containsConfigurationKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_CERTIFICATE))
returnValue.setProvideCertificate(
- Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_CERTIFICATE)));
+ Boolean.valueOf(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_CERTIFICATE)));
- if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_MANDATE))
+ if (spConfiguration.containsConfigurationKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_MANDATE))
returnValue.setProvideMandate(
- Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_MANDATE)));
+ Boolean.valueOf(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_MANDATE)));
- if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_RETURNERROR))
+ if (spConfiguration.containsConfigurationKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_RETURNERROR))
returnValue.setProvideAllErrors(
- Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_RETURNERROR)));
+ Boolean.valueOf(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_RETURNERROR)));
return returnValue;
}
@@ -307,14 +273,14 @@ public String getKeyBoxIdentifier() {
public List<String> getTemplateURL() {
List<String> list = new ArrayList<String>();
- if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE))
- list.add(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE));
+ if (spConfiguration.containsConfigurationKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE))
+ list.add(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE));
- if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE))
- list.add(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE));
+ if (spConfiguration.containsConfigurationKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE))
+ list.add(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE));
- if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE))
- list.add(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE));
+ if (spConfiguration.containsConfigurationKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE))
+ list.add(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE));
return list;
}
@@ -324,7 +290,7 @@ public String getKeyBoxIdentifier() {
*/
@Override
public String getAditionalAuthBlockText() {
- return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT);
+ return spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT);
}
@@ -334,16 +300,16 @@ public String getKeyBoxIdentifier() {
@Override
public String getBKUURL(String bkutype) {
if (bkutype.equals(THIRDBKU)) {
- return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_THIRD);
+ return spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_THIRD);
} else if (bkutype.equals(HANDYBKU)) {
- return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY);
+ return spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY);
} else if (bkutype.equals(LOCALBKU)) {
- return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL);
+ return spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL);
} else if (bkutype.equals(ONLINEBKU)) {
- return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_THIRD);
+ return spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_THIRD);
}
@@ -361,14 +327,14 @@ public String getKeyBoxIdentifier() {
public List<String> getBKUURL() {
List<String> list = new ArrayList<String>();
- if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_THIRD))
- list.add(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_THIRD));
+ if (spConfiguration.containsConfigurationKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_THIRD))
+ list.add(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_THIRD));
- if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY))
- list.add(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY));
+ if (spConfiguration.containsConfigurationKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY))
+ list.add(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY));
- if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL))
- list.add(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL));
+ if (spConfiguration.containsConfigurationKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL))
+ list.add(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL));
return list;
}
@@ -380,7 +346,7 @@ public String getKeyBoxIdentifier() {
@Override
public boolean useSSO() {
try {
- return Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_SSO_ENABLED));
+ return Boolean.valueOf(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SSO_ENABLED));
} catch (Exception e) {
Logger.warn("Use SSO configuration parameter is not parseable.", e);
@@ -395,7 +361,7 @@ public String getKeyBoxIdentifier() {
@Override
public boolean useSSOQuestion() {
try {
- return Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_SSO_USERREQUEST));
+ return Boolean.valueOf(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SSO_USERREQUEST));
} catch (Exception e) {
Logger.warn("SSO user question configuration parameter is not parseable.", e);
@@ -408,7 +374,7 @@ public String getKeyBoxIdentifier() {
*/
@Override
public List<String> getMandateProfiles() {
- String profileConfig = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_PROFILES);
+ String profileConfig = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_PROFILES);
if (MiscUtil.isNotEmpty(profileConfig)) {
List<String> list = new ArrayList<String>();
@@ -430,7 +396,7 @@ public List<String> getMandateProfiles() {
@Override
public boolean isShowMandateCheckBox() {
try {
- return Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_USE));
+ return Boolean.valueOf(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_USE));
} catch (Exception e) {
Logger.warn("Enable mandates configuration parameter is not parseable.", e);
@@ -444,7 +410,7 @@ public boolean isShowMandateCheckBox() {
@Override
public boolean isOnlyMandateAllowed() {
try {
- return Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_ONLY));
+ return Boolean.valueOf(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_ONLY));
} catch (Exception e) {
Logger.warn("Use ONLY mandates configuration parameter is not parseable.", e);
@@ -458,7 +424,7 @@ public boolean isOnlyMandateAllowed() {
@Override
public boolean isShowStorkLogin() {
try {
- return Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ENABLED));
+ return Boolean.valueOf(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ENABLED));
} catch (Exception e) {
Logger.warn("Enable STORK login configuration parameter is not parseable.", e);
@@ -472,7 +438,7 @@ public boolean isOnlyMandateAllowed() {
*/
@Override
public String getQaaLevel() {
- String eidasLoALevel = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL);
+ String eidasLoALevel = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL);
if (MiscUtil.isEmpty(eidasLoALevel))
return MOAIDConstants.eIDAS_LOA_HIGH;
else
@@ -488,23 +454,23 @@ public Collection<StorkAttribute> getRequestedSTORKAttributes() {
Map<String, Integer> attrMap = new HashMap<String, Integer>();
Map<String, StorkAttribute> resultMap = new HashMap<String, StorkAttribute>();
- Set<String> configKeys = oaConfiguration.keySet();
+ Set<String> configKeys = spConfiguration.getFullConfiguration().keySet();
for (String el : configKeys) {
if (el.startsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST)) {
String index = KeyValueUtils.getFirstChildAfterPrefix(el, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST);
if (!attrMap.containsKey(index)) {
- String isRequested = oaConfiguration.get(
+ String isRequested = spConfiguration.getConfigurationValue(
MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ "." + index + "."
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_REQUESTED);
if (MiscUtil.isNotEmpty(isRequested) && Boolean.parseBoolean(isRequested)) {
StorkAttribute attr = new StorkAttribute(
- oaConfiguration.get(
+ spConfiguration.getConfigurationValue(
MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ "." + index + "."
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME),
- Boolean.valueOf(oaConfiguration.get(
+ Boolean.valueOf(spConfiguration.getConfigurationValue(
MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+ "." + index + "."
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY)));
@@ -540,13 +506,13 @@ public boolean isRequireConsentForStorkAttributes() {
if (isSTORKPVPGateway())
return false;
- if (MiscUtil.isEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_REQUIRECONSENT))) {
+ if (MiscUtil.isEmpty(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_REQUIRECONSENT))) {
Logger.info("isRequireConsentForStorkAttributes() is empty, returning default value 'true'");
return true;
}
- return Boolean.parseBoolean(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_REQUIRECONSENT));
+ return Boolean.parseBoolean(spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_REQUIRECONSENT));
}catch(Exception e)
{
Logger.warn("isRequireConsentForStorkAttributes() failed, returning default value 'true'", e);
@@ -560,21 +526,21 @@ public boolean isRequireConsentForStorkAttributes() {
@Override
public Collection<StorkAttributeProviderPlugin> getStorkAPs() {
Map<String, StorkAttributeProviderPlugin> pluginMap = new HashMap<String, StorkAttributeProviderPlugin>();
- Set<String> configKeys = oaConfiguration.keySet();
+ Set<String> configKeys = spConfiguration.getFullConfiguration().keySet();
for (String el : configKeys) {
if (el.startsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST)) {
String index = KeyValueUtils.getFirstChildAfterPrefix(el, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST);
if (!pluginMap.containsKey(index)) {
StorkAttributeProviderPlugin attr = new StorkAttributeProviderPlugin(
- oaConfiguration.get(
+ spConfiguration.getConfigurationValue(
MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST
+ "." + index + "."
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME),
- oaConfiguration.get(
+ spConfiguration.getConfigurationValue(
MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST
+ "." + index + "."
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_URL),
- oaConfiguration.get(
+ spConfiguration.getConfigurationValue(
MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST
+ "." + index + "."
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_ATTRIBUTES));
@@ -592,7 +558,7 @@ public Collection<StorkAttributeProviderPlugin> getStorkAPs() {
@Override
public byte[] getBKUSelectionTemplate() {
try {
- String bkuSelectionTemplateBase64 = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA);
+ String bkuSelectionTemplateBase64 = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA);
if (MiscUtil.isNotEmpty(bkuSelectionTemplateBase64)) {
return Base64Utils.decode(bkuSelectionTemplateBase64, false);
@@ -612,7 +578,7 @@ public byte[] getBKUSelectionTemplate() {
@Override
public byte[] getSendAssertionTemplate() {
try {
- String bkuSelectionTemplateBase64 = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA);
+ String bkuSelectionTemplateBase64 = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA);
if (MiscUtil.isNotEmpty(bkuSelectionTemplateBase64)) {
return Base64Utils.decode(bkuSelectionTemplateBase64, false);
@@ -635,18 +601,18 @@ public Collection<CPEPS> getPepsList() {
try {
IStorkConfig availableSTORKConfig = AuthConfigurationProviderFactory.getInstance().getStorkConfig();
if (availableSTORKConfig != null) {
- Set<String> configKeys = oaConfiguration.keySet();
+ Set<String> configKeys = spConfiguration.getFullConfiguration().keySet();
for (String el : configKeys) {
if (el.startsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST)) {
String index = KeyValueUtils.getFirstChildAfterPrefix(el, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST);
if (!cPEPSMap.containsKey(index)) {
- if (Boolean.parseBoolean(oaConfiguration.get(
+ if (Boolean.parseBoolean(spConfiguration.getConfigurationValue(
MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+ "." + index + "."
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_ENABLED))) {
CPEPS availableCPEPS = availableSTORKConfig.getCPEPSWithFullName(
- oaConfiguration.get(
+ spConfiguration.getConfigurationValue(
MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+ "." + index + "."
+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE));
@@ -672,13 +638,13 @@ public Collection<CPEPS> getPepsList() {
*/
@Override
public String getIDPAttributQueryServiceURL() {
- return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_ATTRIBUTQUERY_URL);
+ return spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_ATTRIBUTQUERY_URL);
}
@Override
public boolean isInboundSSOInterfederationAllowed() {
- String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_INBOUND);
+ String value = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_INBOUND);
if (MiscUtil.isNotEmpty(value))
return Boolean.parseBoolean(value);
else
@@ -687,7 +653,7 @@ public boolean isInboundSSOInterfederationAllowed() {
@Override
public boolean isOutboundSSOInterfederationAllowed() {
- String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_OUTBOUND);
+ String value = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_OUTBOUND);
if (MiscUtil.isNotEmpty(value))
return Boolean.parseBoolean(value);
else
@@ -696,7 +662,7 @@ public boolean isOutboundSSOInterfederationAllowed() {
@Override
public boolean isPassivRequestUsedForInterfederation() {
- String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_PASSIVEREQUEST);
+ String value = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_PASSIVEREQUEST);
if (MiscUtil.isNotEmpty(value))
return Boolean.parseBoolean(value);
else
@@ -705,7 +671,7 @@ public boolean isPassivRequestUsedForInterfederation() {
@Override
public boolean isPerformLocalAuthenticationOnInterfederationError() {
- String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_LOCALAUTHONERROR);
+ String value = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_LOCALAUTHONERROR);
if (MiscUtil.isNotEmpty(value))
return Boolean.parseBoolean(value);
else
@@ -714,7 +680,7 @@ public boolean isPerformLocalAuthenticationOnInterfederationError() {
@Override
public boolean isInterfederationSSOStorageAllowed() {
- String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_STORE);
+ String value = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_STORE);
if (MiscUtil.isNotEmpty(value))
return Boolean.parseBoolean(value);
else
@@ -728,7 +694,7 @@ public boolean isIDPPublicService() throws ConfigurationException {
public String getSTORKPVPForwardEntity() {
- return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER);
+ return spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER);
}
@@ -737,7 +703,7 @@ public String getSTORKPVPForwardEntity() {
*/
@Override
public boolean isTestCredentialEnabled() {
- String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_ENABLED);
+ String value = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_ENABLED);
if (MiscUtil.isNotEmpty(value))
return Boolean.parseBoolean(value);
else
@@ -750,7 +716,7 @@ public boolean isTestCredentialEnabled() {
*/
@Override
public List<String> getTestCredentialOIDs() {
- String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_OIDs);
+ String value = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_OIDs);
if (MiscUtil.isNotEmpty(value)) {
List<String> list = new ArrayList<String>();
String profilesArray[] = value.split(",");
@@ -774,9 +740,9 @@ public PrivateKey getBPKDecBpkDecryptionKey() {
try {
EncryptedData encdata = new EncryptedData(
Base64Utils.decode(
- oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_FOREIGNBPK_DECRYPT_BLOB), false),
+ spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_FOREIGNBPK_DECRYPT_BLOB), false),
Base64Utils.decode(
- oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_FOREIGNBPK_DECRYPT_IV), false));
+ spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_FOREIGNBPK_DECRYPT_IV), false));
byte[] serializedData = ConfigurationEncrytionUtil.getInstance().decrypt(encdata);
BPKDecryptionParameters data =
@@ -804,12 +770,13 @@ public PrivateKey getBPKDecBpkDecryptionKey() {
*/
@Override
public String getPublicURLPrefix() {
- return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER);
+ return spConfiguration.getUniqueIdentifier();
+
}
private boolean getBusinessService() {
- String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE);
+ String value = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE);
if (MiscUtil.isNotEmpty(value))
return Boolean.parseBoolean(value);
else
@@ -821,7 +788,7 @@ private boolean getBusinessService() {
*/
@Override
public boolean isInderfederationIDP() {
- String value = oaConfiguration.get(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES);
+ String value = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES);
return MOAIDConfigurationConstants.PREFIX_IIDP.equals(value);
}
@@ -832,7 +799,7 @@ public boolean isInderfederationIDP() {
*/
@Override
public boolean isSTORKPVPGateway() {
- String value = oaConfiguration.get(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES);
+ String value = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES);
return MOAIDConfigurationConstants.PREFIX_GATEWAY.equals(value);
}
@@ -845,7 +812,7 @@ public boolean isSTORKPVPGateway() {
*/
@Override
public String getFriendlyName() {
- return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME);
+ return spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME);
}
@@ -866,7 +833,7 @@ public String getFriendlyName() {
* @return true/false if bPK or wbPK should not be visible in AuthBlock
*/
public boolean isRemovePBKFromAuthBlock() {
- String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCK_REMOVEBPK);
+ String value = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCK_REMOVEBPK);
if (MiscUtil.isNotEmpty(value))
return Boolean.parseBoolean(value);
else
@@ -879,9 +846,9 @@ public boolean isRemovePBKFromAuthBlock() {
*/
@Override
public List<Integer> getReversionsLoggingEventCodes() {
- String isEnabled = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_REVERSION_LOGS_ENABLED);
+ String isEnabled = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_REVERSION_LOGS_ENABLED);
if (MiscUtil.isNotEmpty(isEnabled) && Boolean.parseBoolean(isEnabled)) {
- String eventCodes = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_REVERSION_LOGS_EVENTCODES);
+ String eventCodes = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_REVERSION_LOGS_EVENTCODES);
if (MiscUtil.isNotEmpty(eventCodes)) {
String[] codes = eventCodes.split(",");
List<Integer> result = new ArrayList<Integer>();
@@ -908,7 +875,7 @@ public List<Integer> getReversionsLoggingEventCodes() {
*/
@Override
public boolean isUseIDLTestTrustStore() {
- String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_USETESTIDLTRUSTSTORE);
+ String value = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_USETESTIDLTRUSTSTORE);
if (MiscUtil.isNotEmpty(value))
return Boolean.parseBoolean(value);
else
@@ -921,7 +888,7 @@ public boolean isUseIDLTestTrustStore() {
*/
@Override
public boolean isUseAuthBlockTestTestStore() {
- String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_USETESTAUTHBLOCKTRUSTSTORE);
+ String value = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_USETESTAUTHBLOCKTRUSTSTORE);
if (MiscUtil.isNotEmpty(value))
return Boolean.parseBoolean(value);
else
@@ -929,10 +896,110 @@ public boolean isUseAuthBlockTestTestStore() {
}
public String toString() {
- if (oaConfiguration != null)
- return Arrays.asList(oaConfiguration).toString();
+ if (spConfiguration.getFullConfiguration() != null)
+ return Arrays.asList(spConfiguration.getFullConfiguration()).toString();
return "Object not initialized";
}
+
+@Override
+public boolean containsConfigurationKey(String arg0) {
+ return spConfiguration.containsConfigurationKey(arg0);
+
+}
+
+@Override
+public List<String> foreignbPKSectorsRequested() {
+ String value = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_FOREIGN);
+ if (MiscUtil.isNotEmpty(value))
+ return KeyValueUtils.getListOfCSVValues(KeyValueUtils.normalizeCSVValueString(value));
+
+ else
+ return null;
+
+}
+
+
+
+@Override
+public Map<String, String> getFullConfiguration() {
+ return spConfiguration.getFullConfiguration();
+}
+
+
+@Override
+/**
+ * THIS METHODE IS NOT SUPPORTED IN THIS IMPLEMENTATION
+ */
+public List<String> getTargetsWithNoBaseIdInternalProcessingRestriction() {
+ return null;
+}
+
+
+@Override
+/**
+ * THIS METHODE IS NOT SUPPORTED IN THIS IMPLEMENTATION
+ */
+public List<String> getTargetsWithNoBaseIdTransferRestriction() {
+ return null;
+}
+
+
+@Override
+public String getUniqueIdentifier() {
+ return getPublicURLPrefix();
+}
+
+
+@Override
+public List<String> getRequiredLoA() {
+ String loa = getQaaLevel();
+ if (loa != null)
+ return Arrays.asList(loa);
+ else
+ return null;
+}
+
+@Override
+public String getLoAMatchingMode() {
+ return EAAFConstants.EIDAS_LOA_MATCHING_MINIMUM;
+}
+
+@Override
+public String getConfigurationValue(String key) {
+ return spConfiguration.getConfigurationValue(key);
+}
+
+@Override
+public String getConfigurationValue(String key, String defaultValue) {
+ String value = getConfigurationValue(key);
+ if (value == null)
+ return defaultValue;
+ else
+ return value;
+}
+
+
+@Override
+public Boolean isConfigurationValue(String key) {
+ String value = getConfigurationValue(key);
+ if (value == null)
+ return Boolean.parseBoolean(value);
+
+ return null;
+
+}
+
+
+@Override
+public boolean isConfigurationValue(String key, boolean defaultValue) {
+ String value = getConfigurationValue(key);
+ if (value == null)
+ return Boolean.parseBoolean(value);
+ else
+ return defaultValue;
+
+}
+
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
index d3e340a90..fff019ae7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
@@ -1,12 +1,6 @@
package at.gv.egovernment.moa.id.config.auth;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
import java.net.MalformedURLException;
-import java.net.URI;
-import java.net.URISyntaxException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Arrays;
@@ -20,6 +14,11 @@ import java.util.Properties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.transaction.annotation.Transactional;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.impl.idp.conf.SPConfigurationImpl;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.MOAIDConstants;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
@@ -35,7 +34,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.MOASP;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.SecurityLayer;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.VerifyIdentityLink;
-import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.config.ConfigurationProviderImpl;
import at.gv.egovernment.moa.id.config.ConfigurationUtils;
import at.gv.egovernment.moa.id.config.ConnectionParameter;
@@ -55,111 +53,77 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
private static final boolean TRUST_MANAGER_REVOCATION_CHECKING_DEFAULT = true;
- private MOAIDConfiguration configuration;
- private final Properties properties = new Properties();
-
+ private MOAIDConfiguration configuration;
private boolean requireJDBCBackupImplementation = false;
- public PropertyBasedAuthConfigurationProvider(String configFileName) throws ConfigurationException {
- if (configFileName == null) {
- configFileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME);
-
- if (MiscUtil.isEmpty(configFileName))
- throw new ConfigurationException("config.01", null);
- }
-
- Logger.info("Loading MOA-ID-AUTH configuration " + configFileName);
-
- try {
- URI fileURI = new URI(configFileName);
- //instance = new PropertyBasedAuthConfigurationProvider(fileURI);
- initialize(fileURI);
-
- } catch (URISyntaxException e){
- Logger.error("MOA-ID-Auth configuration file does not starts with file:/ as prefix.", e);
- throw new ConfigurationException("config24", new Object[]{MOAIDAuthConstants.FILE_URI_PREFIX, configFileName});
+ public PropertyBasedAuthConfigurationProvider(String configFileName) throws ConfigurationException, EAAFConfigurationException {
+ super(configFileName);
+// try {
+ Logger.info("Loading MOA-ID-AUTH configuration " + getConfigurationFilePath().toString());
+ initialize();
- }
+// } catch (URISyntaxException e){
+// Logger.error("MOA-ID-Auth configuration file does not starts with file:/ as prefix.", e);
+// throw new ConfigurationException("config24", new Object[]{MOAIDAuthConstants.FILE_URI_PREFIX, configFileName});
+//
+// }
}
-// /**
-// * The constructor with path to a properties file as argument.
-// *
-// * @param fileName the path to the properties file
-// * @throws ConfigurationException if an error occurs during loading the properties file.
-// */
-// public PropertyBasedAuthConfigurationProvider(URI fileName) throws ConfigurationException {
-// initialize(fileName);
-//
-// }
+
+ //TODO: add EAAFCore configuration prefix if required
+ @Override
+ public String getApplicationSpecificKeyPrefix() {
+ return null;
+
+ }
- private void initialize(URI fileName) throws ConfigurationException {
- File propertiesFile = new File(fileName);
- rootConfigFileDir = propertiesFile.getParent();
- try {
- rootConfigFileDir = new File(rootConfigFileDir).toURI().toURL().toString();
-
- } catch (MalformedURLException t) {
- throw new ConfigurationException("config.03", null, t);
-
- }
+ @Override
+ protected String getBackupConfigPath() {
+ return System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME);
- FileInputStream in = null;
- try {
- in = new FileInputStream(propertiesFile);
- properties.load(in);
- super.initial(properties);
-
-// JPAPropertiesWithJavaConfig.setLocalProperties(configProp);
-// System.getProperties().setProperty("location", "file:" + fileName);
-// context = new ClassPathXmlApplicationContext(
-// new String[] { "moaid.configuration.beans.xml",
-// "configuration.beans.xml"
-// });
-// AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory();
-// acbFactory.autowireBean(this);
-
- //Some databases do not allow the selection of a lob in SQL where expression
- String dbDriver = properties.getProperty("configuration.hibernate.connection.driver_class");
- if (MiscUtil.isNotEmpty(dbDriver)) {
- for (String el:MOAIDConstants.JDBC_DRIVER_NEEDS_WORKAROUND) {
- if (dbDriver.startsWith(el)) {
- requireJDBCBackupImplementation = true;
- Logger.info("JDBC driver '" + dbDriver
- + "' is blacklisted --> Switch to alternative DB access methode implementation.");
-
- }
- }
- }
-
-
- } catch (FileNotFoundException e) {
- throw new ConfigurationException("config.03", null, e);
+ }
+
+
+ /**
+ * Provides configuration information regarding the online application behind the given URL, relevant to the MOA-ID Auth component.
+ *
+ * @param oaURL URL requested for an online application
+ * @return an <code>OAAuthParameter</code>, or <code>null</code> if none is applicable
+ */
+ @Override
+ @Transactional
+ public ISPConfiguration getServiceProviderConfiguration(String spIdentifier) throws EAAFConfigurationException {
+ Map<String, String> oa = getActiveOnlineApplication(spIdentifier);
+ if (oa == null) {
+ return null;
+ }
+
+ return new OAAuthParameterDecorator(new SPConfigurationImpl(oa, this));
- } catch (IOException e) {
- throw new ConfigurationException("config.03", null, e);
-
- } catch (org.opensaml.xml.ConfigurationException e) {
- Logger.error("OpenSAML initilalization FAILED. ", e);
- throw new ConfigurationException("config.23", null, e);
-
- } catch (Exception e) {
- Logger.error("General error during start-up process.", e);
- throw new ConfigurationException("init.02", null, e);
-
-
- } finally {
- if (in != null)
- try {
- in.close();
-
- } catch (IOException e) {
- Logger.warn("Close MOA-ID-Auth configuration file FAILED.", e);
+ }
+
+ /**
+ * Provides configuration information regarding the online application behind the given URL, relevant to the MOA-ID Auth component.
+ *
+ * @param oaURL URL requested for an online application
+ * @return an <code>OAAuthParameter</code>, or <code>null</code> if none is applicable
+ */
+ @SuppressWarnings("unchecked")
+ @Override
+ @Transactional
+ public <T> T getServiceProviderConfiguration(String spIdentifier, final Class<T> decorator) throws EAAFConfigurationException {
+ ISPConfiguration spConfig = getServiceProviderConfiguration(spIdentifier);
+ if (spConfig != null && decorator != null) {
+ if (decorator.isInstance(spConfig))
+ return (T)spConfig;
+ else
+ Logger.error("SPConfig: " + spConfig.getClass().getName() + " is NOT instance of: " + decorator.getName());
- }
}
+ return null;
+
}
/**
@@ -172,14 +136,6 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
}
/**
- * Get the properties.
- * @return the properties
- */
- private Properties getProperties() {
- return properties;
- }
-
- /**
* Method that avoids iterating over a {@link Collection} of type {@code T} which is actual {@code null}.
* @param item the collection
* @return the given {@link Collection} {@code item} if it is not {@code null}, or an empty {@link List} otherwise.
@@ -225,23 +181,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
}
}
-
- public String getBasicMOAIDConfiguration(final String key) {
- return properties.getProperty(key);
-
- }
-
- public String getBasicMOAIDConfiguration(final String key, final String defaultValue) {
- return properties.getProperty(key, defaultValue);
-
- }
-
- public Map<String, String> getBasicMOAIDConfigurationWithPrefix(final String prefix) {
- return KeyValueUtils.getSubSetWithPrefix(KeyValueUtils.concertPropertiesToMap(properties), prefix);
- }
-
-
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getPropertyWithKey(java.lang.String)
*/
@@ -400,22 +340,6 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
}
/**
- * Provides configuration information regarding the online application behind the given URL, relevant to the MOA-ID Auth component.
- *
- * @param oaURL URL requested for an online application
- * @return an <code>OAAuthParameter</code>, or <code>null</code> if none is applicable
- */
- @Transactional
- public OAAuthParameter getOnlineApplicationParameter(String oaURL) {
- Map<String, String> oa = getActiveOnlineApplication(oaURL);
- if (oa == null) {
- return null;
- }
-
- return new OAAuthParameter(oa, this);
- }
-
- /**
* Returns a string with a url-reference to the VerifyAuthBlock trust profile id within the moa-sp part of the authentication component.
*
* @return a string with a url-reference to the VerifyAuthBlock trust profile ID.
@@ -505,7 +429,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_URL);
if (moaspURL != null) {
result =
- new ConnectionParameterMOASP(moaspURL, this.getProperties(), this.getRootConfigFileDir());
+ new ConnectionParameterMOASP(moaspURL, getFullConfigurationProperties(), getRootConfigFileDir());
}
@@ -517,41 +441,42 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
return result;
}
- /**
- * Returns the {@link ConnectionParameter} for the ForeignID. NOTE: may return {@code null}.
- *
- * @return the connection parameter.
- * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}.
- */
- @Transactional
- public ConnectionParameter getForeignIDConnectionParameter(IOAAuthParameters oaParameters) throws ConfigurationException {
- String serviceURL = null;
- try {
- //load OA specific MIS service URL if OA configuration exists
- if (oaParameters != null)
- serviceURL = oaParameters.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_EXTERNAL_SZRGW_SERVICE_URL);
-
- //get first entry from general configuration if no OA specific URL exists
- if (MiscUtil.isEmpty(serviceURL)) {
- List<String> serviceURLs = KeyValueUtils.getListOfCSVValues(
- configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_SZRGW_URL));
- if (serviceURLs.size() > 0)
- serviceURL = serviceURLs.get(0);
-
- }
-
- if (MiscUtil.isNotEmpty(serviceURL))
- return new ConnectionParameterMandate(serviceURL, this.getProperties(), this.getRootConfigFileDir());
-
- else
- throw new ConfigurationException("service.09", new Object[]{"NO SZR-GW Service URL"});
-
- } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
- Logger.warn("Initialize SZR-GW service connection parameters FAILED.", e);
- throw new ConfigurationException("service.09", new Object[]{e.getMessage()}, e);
-
- }
- }
+// /**
+// * Returns the {@link ConnectionParameter} for the ForeignID. NOTE: may return {@code null}.
+// *
+// * @return the connection parameter.
+// * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}.
+// */
+// @Transactional
+// @Deprecated
+// public ConnectionParameter getForeignIDConnectionParameter(IOAAuthParameters oaParameters) throws ConfigurationException {
+// String serviceURL = null;
+// try {
+// //load OA specific MIS service URL if OA configuration exists
+// if (oaParameters != null)
+// serviceURL = oaParameters.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_EXTERNAL_CENTRAL_EIDASNODE_SERVICE_URL);
+//
+// //get first entry from general configuration if no OA specific URL exists
+// if (MiscUtil.isEmpty(serviceURL)) {
+// List<String> serviceURLs = KeyValueUtils.getListOfCSVValues(
+// configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_CENTRAL_EIDASNODE_URL));
+// if (serviceURLs.size() > 0)
+// serviceURL = serviceURLs.get(0);
+//
+// }
+//
+// if (MiscUtil.isNotEmpty(serviceURL))
+// return new ConnectionParameterMandate(serviceURL, getFullConfigurationProperties(), getRootConfigFileDir());
+//
+// else
+// throw new ConfigurationException("service.09", new Object[]{"NO SZR-GW Service URL"});
+//
+// } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+// Logger.warn("Initialize SZR-GW service connection parameters FAILED.", e);
+// throw new ConfigurationException("service.09", new Object[]{e.getMessage()}, e);
+//
+// }
+// }
/**
* Returns the {@link ConnectionParameter} for the OnlineMandates. NOTE: may return {@code null}.
@@ -577,7 +502,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
}
if (MiscUtil.isNotEmpty(serviceURL))
- return new ConnectionParameterMandate(serviceURL, this.getProperties(), this.getRootConfigFileDir());
+ return new ConnectionParameterMandate(serviceURL, getFullConfigurationProperties(), getRootConfigFileDir());
else
throw new ConfigurationException("service.06", new Object[]{"NO MIS Service URL"});
@@ -849,8 +774,9 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
* @return the MOASessionEncryptionKey or {@code null}
*/
public String getMOASessionEncryptionKey() {
- String prop = properties.getProperty("configuration.moasession.key");
+ String prop = getFullConfigurationProperties().getProperty("configuration.moasession.key");
return MiscUtil.isNotEmpty(prop) ? prop : null;
+
}
/**
@@ -859,7 +785,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
* @return the MOAConfigurationEncryptionKey or {@code null}
*/
public String getMOAConfigurationEncryptionKey() {
- String prop = properties.getProperty("configuration.moaconfig.key");
+ String prop = getFullConfigurationProperties().getProperty("configuration.moaconfig.key");
return MiscUtil.isNotEmpty(prop) ? prop : null;
}
@@ -867,7 +793,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
* @return {@code true} if IdentityLinkResigning is set, {@code false} otherwise.
*/
public boolean isIdentityLinkResigning() {
- String prop = properties.getProperty("configuration.resignidentitylink.active", "false");
+ String prop = getFullConfigurationProperties().getProperty("configuration.resignidentitylink.active", "false");
return Boolean.valueOf(prop);
}
@@ -877,7 +803,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
* @return the IdentityLinkResigningKey or {@code null}
*/
public String getIdentityLinkResigningKey() {
- String prop = properties.getProperty("configuration.resignidentitylink.keygroup");
+ String prop = getFullConfigurationProperties().getProperty("configuration.resignidentitylink.keygroup");
return MiscUtil.isNotEmpty(prop) ? prop : null;
}
@@ -885,7 +811,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
* @return {@code true} if MonitoringActive is set, {@code false} otherwise.
*/
public boolean isMonitoringActive() {
- String prop = properties.getProperty("configuration.monitoring.active", "false");
+ String prop = getFullConfigurationProperties().getProperty("configuration.monitoring.active", "false");
return Boolean.valueOf(prop);
}
@@ -895,7 +821,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
* @return the MonitoringTestIdentityLinkURL or {@code null}
*/
public String getMonitoringTestIdentityLinkURL() {
- String prop = properties.getProperty("configuration.monitoring.test.identitylink.url");
+ String prop = getFullConfigurationProperties().getProperty("configuration.monitoring.test.identitylink.url");
return MiscUtil.isNotEmpty(prop) ? prop : null;
}
@@ -905,7 +831,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
* @return the MonitoringMessageSuccess or {@code null}
*/
public String getMonitoringMessageSuccess() {
- String prop = properties.getProperty("configuration.monitoring.message.success");
+ String prop = getFullConfigurationProperties().getProperty("configuration.monitoring.message.success");
return MiscUtil.isNotEmpty(prop) ? prop : null;
}
@@ -913,7 +839,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
* @return {@code true} if AdvancedLoggingActive is set, {@code false} otherwise.
*/
public boolean isAdvancedLoggingActive() {
- String prop = properties.getProperty("configuration.advancedlogging.active", "false");
+ String prop = getFullConfigurationProperties().getProperty("configuration.advancedlogging.active", "false");
return Boolean.valueOf(prop);
}
@@ -965,7 +891,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
* @return {@code true} if PVP2AssertionEncryptionActive is set, {@code false} otherwise.
*/
public boolean isPVP2AssertionEncryptionActive() {
- String prop = this.getProperties().getProperty("protocols.pvp2.assertion.encryption.active", "true");
+ String prop = getFullConfigurationProperties().getProperty("protocols.pvp2.assertion.encryption.active", "true");
return Boolean.valueOf(prop);
}
@@ -973,7 +899,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
* @return {@code true} if CertifiacteQCActive is set, {@code false} otherwise.
*/
public boolean isCertifiacteQCActive() {
- String prop = this.getProperties().getProperty("configuration.validation.certificate.QC.ignore", "false");
+ String prop = getFullConfigurationProperties().getProperty("configuration.validation.certificate.QC.ignore", "false");
return !Boolean.valueOf(prop);
}
@@ -993,7 +919,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
Logger.warn("Error in MOA-ID Configuration. No STORK configuration found.");
} else {
- result = new STORKConfig(this.getProperties(), this.getRootConfigFileDir());
+ result = new STORKConfig(getFullConfigurationProperties(), this.getRootConfigFileDir());
}
} catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
@@ -1055,10 +981,10 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
private Properties getGeneralProperiesConfig(final String propPrefix) {
Properties configProp = new Properties();
- for (Object key : this.getProperties().keySet()) {
+ for (Object key : getFullConfigurationProperties().keySet()) {
if (key.toString().startsWith(propPrefix)) {
String propertyName = key.toString().substring(propPrefix.length());
- configProp.put(propertyName, this.getProperties().get(key.toString()));
+ configProp.put(propertyName, getFullConfigurationProperties().get(key.toString()));
}
}
return configProp;
@@ -1087,7 +1013,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
@Transactional
public String getTrustedCACertificates() {
try {
- String path = rootConfigFileDir + configuration.getStringValue(
+ String path = getRootConfigFileDir() + configuration.getStringValue(
MOAIDConfigurationConstants.GENERAL_AUTH_TRUSTSTORE_URL);
if (MiscUtil.isNotEmpty(path))
return path;
@@ -1098,7 +1024,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
}
- } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
+ } catch (at.gv.egiz.components.configuration.api.ConfigurationException | ConfigurationException e) {
Logger.warn("Error in MOA-ID Configuration. No TrustStoreDirectory defined.", e);
return null;
}
@@ -1116,13 +1042,9 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
Logger.trace("Get active OnlineApplication with ID " + id + " from database.");
Map<String, String> oaConfig = null;
try {
-
- //TODO:
//Some databases do not allow the selection of a lob in SQL where expression
- String dbDriver = properties.getProperty("configuration.hibernate.connection.driver_class");
if (requireJDBCBackupImplementation)
- oaConfig = configuration.getOnlineApplicationBackupVersion(id);
-
+ oaConfig = configuration.getOnlineApplicationBackupVersion(id);
else
oaConfig = configuration.getOnlineApplication(id);
@@ -1135,7 +1057,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
Logger.info("Online application with identifier " + id + " is found, but NOT active.");
} else
- Logger.warn("Online application with identifier " + id + " is not found.");
+ Logger.info("Online application with identifier " + id + " is not found.");
} catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
@@ -1149,13 +1071,13 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
//Load document service url from moa properties
public String getDocumentServiceUrl() {
- String prop = properties.getProperty("stork.documentservice.url", "false");
+ String prop = getFullConfigurationProperties().getProperty("stork.documentservice.url", "false");
return prop;
}
public boolean isPVPSchemaValidationActive() {
- String prop = properties.getProperty("protocols.pvp2.schemavalidation", "true");
+ String prop = getFullConfigurationProperties().getProperty("protocols.pvp2.schemavalidation", "true");
return Boolean.valueOf(prop);
}
@@ -1165,7 +1087,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
* @return true, if fake IdLs are available for stork
*/
public boolean isStorkFakeIdLActive() {
- String prop = properties.getProperty("stork.fakeIdL.active", "false");
+ String prop = getFullConfigurationProperties().getProperty("stork.fakeIdL.active", "false");
return Boolean.valueOf(prop);
}
@@ -1175,7 +1097,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
* @return the countries
*/
public List<String> getStorkFakeIdLCountries() {
- String prop = properties.getProperty("stork.fakeIdL.countries", "");
+ String prop = getFullConfigurationProperties().getProperty("stork.fakeIdL.countries", "");
return Arrays.asList(prop.replaceAll(" ", "").split(","));
}
@@ -1185,7 +1107,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
* @return the resigning key
*/
public String getStorkFakeIdLResigningKey() {
- String prop = properties.getProperty("stork.fakeIdL.keygroup");
+ String prop = getFullConfigurationProperties().getProperty("stork.fakeIdL.keygroup");
if (MiscUtil.isNotEmpty(prop))
return prop;
else
@@ -1198,7 +1120,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
*/
@Override
public List<String> getStorkNoSignatureCountries() {
- String prop = properties.getProperty("stork.fakeIdL.noSignatureCountries", "");
+ String prop = getFullConfigurationProperties().getProperty("stork.fakeIdL.noSignatureCountries", "");
return Arrays.asList(prop.replaceAll(" ", "").split(","));
}
@@ -1208,7 +1130,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
@Override
@Deprecated
public boolean isHTTPAuthAllowed() {
- String prop = properties.getProperty("configuration.localhttpallowed.active", "false");
+ String prop = getFullConfigurationProperties().getProperty("configuration.localhttpallowed.active", "false");
return Boolean.valueOf(prop);
}
@@ -1220,7 +1142,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
final String[] DEFAULTORDER = new String[] {RevocationSourceTypes.OCSP, RevocationSourceTypes.CRL};
List<String> result = new ArrayList<String>();
- String prop = properties.getProperty("configuration.ssl.validation.revocation.method.order");
+ String prop = getFullConfigurationProperties().getProperty("configuration.ssl.validation.revocation.method.order");
if (MiscUtil.isNotEmpty(prop)) {
String[] configOrder = prop.split(",");
for (String el : configOrder) {
@@ -1301,19 +1223,89 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
}
return false;
+
+ }
+
+ private void initialize() throws ConfigurationException {
+ try {
+ initial(getFullConfigurationProperties());
+ String dbDriver = getFullConfigurationProperties().getProperty("configuration.hibernate.connection.driver_class");
+ if (MiscUtil.isNotEmpty(dbDriver)) {
+ for (String el:MOAIDConstants.JDBC_DRIVER_NEEDS_WORKAROUND) {
+ if (dbDriver.startsWith(el)) {
+ requireJDBCBackupImplementation = true;
+ Logger.info("JDBC driver '" + dbDriver
+ + "' is blacklisted --> Switch to alternative DB access methode implementation.");
+
+ }
+ }
+ }
+
+
+ } catch (org.opensaml.xml.ConfigurationException e) {
+ Logger.error("OpenSAML initilalization FAILED. ", e);
+ throw new ConfigurationException("config.23", null, e);
+
+ } catch (Exception e) {
+ Logger.error("General error during start-up process.", e);
+ throw new ConfigurationException("init.02", null, e);
+
+ }
+
}
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.commons.api.AuthConfiguration#getBasicMOAIDConfigurationBoolean(java.lang.String, boolean)
- */
+
@Override
- public boolean getBasicMOAIDConfigurationBoolean(String key, boolean defaultValue) {
- String value = properties.getProperty(key);
+ public String validateIDPURL(URL requestedURL) throws EAAFException{
+ List<String> configuredPublicURLPrefix = getPublicURLPrefix();
- if (MiscUtil.isNotEmpty(value))
- return Boolean.valueOf(value.trim());
-
- return defaultValue;
+ if (!isVirtualIDPsEnabled()) {
+ Logger.trace("Virtual IDPs are disabled. Use default IDP PublicURLPrefix from configuration: " + configuredPublicURLPrefix.get(0));
+ return configuredPublicURLPrefix.get(0);
+
+ } else {
+ Logger.debug("Extract AuthenticationServiceURL: " + requestedURL);
+ URL resultURL = null;
+
+ for (String el : configuredPublicURLPrefix) {
+ try {
+ URL configuredURL = new URL(el);
+
+ //get Ports from URL
+ int configPort = configuredURL.getPort();
+ if (configPort == -1)
+ configPort = configuredURL.getDefaultPort();
+
+ int authURLPort = requestedURL.getPort();
+ if (authURLPort == -1)
+ authURLPort = requestedURL.getDefaultPort();
+
+ //check AuthURL against ConfigurationURL
+ if (configuredURL.getHost().equals(requestedURL.getHost()) &&
+ configPort == authURLPort &&
+ ( configuredURL.getPath().equals(requestedURL.getPath())
+ || requestedURL.getPath().startsWith(configuredURL.getPath()) )
+ && configuredURL.getProtocol().equals(requestedURL.getProtocol()) ) {
+ Logger.debug("Select configurated PublicURLPrefix: " + configuredURL
+ + " for authURL: " + requestedURL);
+ resultURL = configuredURL;
+ }
+
+ } catch (MalformedURLException e) {
+ Logger.error("Configurated IDP PublicURLPrefix is not a valid URL." + el);
+
+ }
+ }
+
+ if (resultURL == null) {
+ Logger.warn("Extract AuthenticationServiceURL: " + requestedURL + " is NOT found in configuration.");
+ throw new ConfigurationException("config.25", new Object[]{requestedURL});
+
+ } else {
+ return resultURL.toExternalForm();
+
+ }
+ }
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
index f3db82315..390b77dab 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
@@ -24,10 +24,12 @@ package at.gv.egovernment.moa.id.config.auth.data;
import java.io.Serializable;
import java.security.PrivateKey;
+import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.Map;
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters;
import at.gv.egovernment.moa.id.commons.api.data.StorkAttribute;
@@ -59,7 +61,7 @@ public class DynamicOAAuthParameters implements IOAAuthParameters, Serializable{
* @see at.gv.egovernment.moa.id.commons.api.IOAAuthParameters#hasBaseIdInternalProcessingRestriction()
*/
@Override
- public boolean hasBaseIdInternalProcessingRestriction() throws ConfigurationException {
+ public boolean hasBaseIdInternalProcessingRestriction() {
return this.hasBaseIdProcessingRestriction;
}
@@ -67,7 +69,7 @@ public class DynamicOAAuthParameters implements IOAAuthParameters, Serializable{
* @see at.gv.egovernment.moa.id.commons.api.IOAAuthParameters#hasBaseIdTransferRestriction()
*/
@Override
- public boolean hasBaseIdTransferRestriction() throws ConfigurationException {
+ public boolean hasBaseIdTransferRestriction() {
return this.hasBaseIdTransfergRestriction;
}
@@ -75,7 +77,7 @@ public class DynamicOAAuthParameters implements IOAAuthParameters, Serializable{
* @see at.gv.egovernment.moa.id.commons.api.IOAAuthParameters#getAreaSpecificTargetIdentifier()
*/
@Override
- public String getAreaSpecificTargetIdentifier() throws ConfigurationException {
+ public String getAreaSpecificTargetIdentifier() {
return this.oaTargetAreaIdentifier;
}
@@ -531,5 +533,66 @@ public class DynamicOAAuthParameters implements IOAAuthParameters, Serializable{
return false;
}
+
+ @Override
+ public List<String> foreignbPKSectorsRequested() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public boolean containsConfigurationKey(String arg0) {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public List<String> getTargetsWithNoBaseIdInternalProcessingRestriction() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public List<String> getTargetsWithNoBaseIdTransferRestriction() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getUniqueIdentifier() {
+ return getPublicURLPrefix();
+ }
+
+ @Override
+ public List<String> getRequiredLoA() {
+ if (getQaaLevel() != null)
+ return Arrays.asList(getQaaLevel());
+ else
+ return null;
+ }
+
+ @Override
+ public String getConfigurationValue(String arg0, String arg1) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Boolean isConfigurationValue(String arg0) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public boolean isConfigurationValue(String arg0, boolean arg1) {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public String getLoAMatchingMode() {
+ return EAAFConstants.EIDAS_LOA_MATCHING_MINIMUM;
+ }
+
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/UserWhitelistStore.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/UserWhitelistStore.java
new file mode 100644
index 000000000..9c296e2b8
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/UserWhitelistStore.java
@@ -0,0 +1,154 @@
+package at.gv.egovernment.moa.id.config.auth.data;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.net.URISyntaxException;
+import java.net.URL;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.commons.io.IOUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.auth.modules.internal.tasks.UserRestrictionTask;
+import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.util.MiscUtil;
+import at.gv.egovernment.moaspss.logging.Logger;
+
+@Service("UserWhiteList_Store")
+public class UserWhitelistStore {
+
+ @Autowired(required=true) AuthConfiguration authConfig;
+
+ private List<String> whitelist = new ArrayList<String>();
+ private String absWhiteListUrl = null;
+
+ @PostConstruct
+ private void initialize() {
+ String whiteListUrl = authConfig.getBasicConfiguration(UserRestrictionTask.CONFIG_PROPS_CSV_USER_FILE);
+ String internalTarget = authConfig.getBasicConfiguration(UserRestrictionTask.CONFIG_PROPS_CSV_USER_SECTOR);
+ if (MiscUtil.isEmpty(whiteListUrl) || MiscUtil.isEmpty(internalTarget))
+ Logger.debug("Do not initialize user whitelist. Reason: NO configuration path to CSV file or NO internal bPK target for whitelist");
+
+ else {
+ if (internalTarget.startsWith(MOAIDAuthConstants.PREFIX_CDID))
+ internalTarget = internalTarget.substring(MOAIDAuthConstants.PREFIX_CDID.length());
+ else if (internalTarget.startsWith(MOAIDAuthConstants.PREFIX_WPBK))
+ internalTarget = internalTarget.substring(MOAIDAuthConstants.PREFIX_WPBK.length());
+ else if (internalTarget.startsWith(MOAIDAuthConstants.PREFIX_EIDAS))
+ internalTarget = internalTarget.substring(MOAIDAuthConstants.PREFIX_EIDAS.length());
+ else {
+ Logger.warn("Sector: " + internalTarget + " is NOT supported for user whitelist.");
+ Logger.info("User whitelist-store MAY NOT contains all user from whitelist");
+ }
+
+ try {
+ absWhiteListUrl = new URL(FileUtils.makeAbsoluteURL(whiteListUrl, authConfig.getConfigurationRootDirectory()))
+ .toURI().toString().substring("file:".length());
+ InputStream is = new FileInputStream(new File(absWhiteListUrl));
+ String whiteListString = IOUtils.toString(new InputStreamReader(is));
+ List<String> preWhitelist = KeyValueUtils.getListOfCSVValues(KeyValueUtils.normalizeCSVValueString(whiteListString));
+
+
+
+ //remove prefix if required
+ for (String bPK : preWhitelist) {
+ String[] bPKSplit = bPK.split(":");
+ if (bPKSplit.length == 1)
+ whitelist.add(bPK);
+
+ else if (bPKSplit.length ==2 ) {
+ if (internalTarget.equals(bPKSplit[0]))
+ whitelist.add(bPKSplit[1]);
+ else
+ Logger.info("Whitelist entry: " + bPK + " has an unsupported target. Entry will be removed ...");
+
+ } else
+ Logger.info("Whitelist entry: " + bPK + " has an unsupported format. Entry will be removed ...");
+
+ }
+
+ Logger.info("User whitelist is initialized with " + whitelist.size() + " entries.");
+
+
+ } catch (FileNotFoundException e) {
+ Logger.warn("Do not initialize user whitelist. Reason: CSV file with bPKs NOT found", e);
+
+ } catch (IOException e) {
+ Logger.warn("Do not initialize user whitelist. Reason: CSV file is NOT readable", e);
+
+ } catch (URISyntaxException e) {
+ Logger.warn("Do not initialize user whitelist. Reason: CSV file looks wrong", e);
+
+ }
+
+ }
+
+ }
+
+ /**
+ * Get the number of entries of the static whitelist
+ *
+ * @return
+ */
+ public int getNumberOfEntries() {
+ return whitelist.size();
+ }
+
+ /**
+ * Check if bPK is in whitelist
+ *
+ * @param bPK
+ * @return true if bPK is in whitelist, otherwise false
+ */
+ public boolean isUserbPKInWhitelist(String bPK) {
+ if (whitelist != null)
+ return whitelist.contains(bPK);
+ else
+ return false;
+
+ }
+
+ public boolean isUserbPKInWhitelistDynamic(String bPK) {
+ return isUserbPKInWhitelistDynamic(bPK, false);
+
+ }
+
+ public boolean isUserbPKInWhitelistDynamic(String bPK, boolean onlyDynamic) {
+ try {
+ if (absWhiteListUrl != null) {
+ InputStream is = new FileInputStream(new File(absWhiteListUrl));
+ String whiteListString = IOUtils.toString(new InputStreamReader(is));
+ if (whiteListString != null && whiteListString.contains(bPK)) {
+ Logger.trace("Find user with dynamic whitelist check");
+ return true;
+
+ } else {
+ Logger.debug("Can NOT find user in dynamic loaded user whitelist. Switch to static version ... ");
+ if (!onlyDynamic)
+ return isUserbPKInWhitelist(bPK);
+ }
+
+ }
+ } catch (Exception e) {
+ Logger.warn("Dynamic user whitelist check FAILED. Switch to static version ... ", e);
+
+ }
+ if (!onlyDynamic)
+ return isUserbPKInWhitelist(bPK);
+
+
+ return false;
+ }
+
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-13 14:04:00 +0000