diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-06-14 06:18:47 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-06-14 06:18:47 +0200 |
commit | 2a073c6727d704271e17d9b682be28410f23aae7 (patch) | |
tree | c5d126bc6c116527c3b0f59e4c9c6ebcd185a2a9 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data | |
parent | e441bcf4eb1a53e1bb17df34997f17206796af72 (diff) | |
download | moa-id-spss-2a073c6727d704271e17d9b682be28410f23aae7.tar.gz moa-id-spss-2a073c6727d704271e17d9b682be28410f23aae7.tar.bz2 moa-id-spss-2a073c6727d704271e17d9b682be28410f23aae7.zip |
more refactoring staff
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data')
3 files changed, 1008 insertions, 820 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java deleted file mode 100644 index 4b29fef3b..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java +++ /dev/null @@ -1,820 +0,0 @@ -/** - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ -package at.gv.egovernment.moa.id.data; - -import java.io.Serializable; -import java.text.DateFormat; -import java.text.ParseException; -import java.text.SimpleDateFormat; -import java.util.ArrayList; -import java.util.Date; -import java.util.List; -import java.util.Map; - -import org.apache.commons.collections4.map.HashedMap; -import org.w3c.dom.Element; - -import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.impl.utils.DateTimeUtils; -import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; -import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; -import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption; -import at.gv.egovernment.moa.id.util.PVPtoSTORKMapper; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.MiscUtil; - -/** - * @author tlenz - * - */ -public class AuthenticationData implements IAuthData, Serializable { - - private static final long serialVersionUID = -1042697056735596866L; - public static final String IDENTITY_LINK_DATE_FORMAT = "yyyy-MM-dd"; - - /** - * URL of the MOA-ID Auth component issueing this assertion - */ - private String issuer; - /** - * time instant of issue of this assertion - */ - private Date issueInstant; - /** - * user identification value (Stammzahl); <code>null</code>, - * if the authentication module is configured not to return this data - */ - private String identificationValue; - /** - * user identification type - */ - private String identificationType; - - /** - * user identityLink specialized to OAParamter - */ - private IIdentityLink identityLink; - - /** - * application specific user identifier (bPK/wbPK) - */ - private String bPK; - - /** - * application specific user identifier type - */ - private String bPKType; - - /** - * given name of the user - */ - private String givenName; - /** - * family name of the user - */ - private String familyName; - /** - * date of birth of the user - */ - private Date dateOfBirth; - /** - * says whether the certificate is a qualified certificate or not - */ - private boolean qualifiedCertificate; - /** - * says whether the certificate is a public authority or not - */ - private boolean publicAuthority; - /** - * public authority code (Behördenkennzeichen - BKZ) - */ - private String publicAuthorityCode; - - /** - * URL of the BKU - */ - private String bkuURL; - /** - * the corresponding <code>lt;saml:Assertion></code> - */ - - private boolean isBaseIDTransferRestrication = true; - - - /** - * STORK attributes from response - */ - private String ccc = null; - - private Map<String, Object> genericDataStorate = new HashedMap<String, Object>(); - - private byte[] signerCertificate = null; - - private String authBlock = null; - private List<String> encbPKList = null; - - //ISA 1.18 attributes - private List<AuthenticationRole> roles = null; - private String pvpAttribute_OU = null; - - private boolean useMandate = false; - private IMISMandate mandate = null; - private String mandateReferenceValue = null; - - private boolean foreigner =false; - private String QAALevel = null; - - private boolean ssoSession = false; - private Date ssoSessionValidTo = null; - -// private boolean interfederatedSSOSession = false; -// private String interfederatedIDP = null; - - private String sessionIndex = null; - private String nameID = null; - private String nameIDFormat = null; - - public AuthenticationData() { - issueInstant = new Date(); - } - - /** - * Returns the publicAuthority. - * @return boolean - */ - public boolean isPublicAuthority() { - return publicAuthority; - } - - /** - * Returns the publicAuthorityCode. - * @return String - */ - public String getPublicAuthorityCode() { - return publicAuthorityCode; - } - - /** - * Returns the qualifiedCertificate. - * @return boolean - */ - public boolean isQualifiedCertificate() { - return qualifiedCertificate; - } - - /** - * Returns the bPK. - * @return String - */ - public String getBPK() { - return bPK; - } - - /** - * Sets the publicAuthority. - * @param publicAuthority The publicAuthority to set - */ - public void setPublicAuthority(boolean publicAuthority) { - this.publicAuthority = publicAuthority; - } - - /** - * Sets the publicAuthorityCode. - * @param publicAuthorityIdentification The publicAuthorityCode to set - */ - public void setPublicAuthorityCode(String publicAuthorityIdentification) { - this.publicAuthorityCode = publicAuthorityIdentification; - } - - /** - * Sets the qualifiedCertificate. - * @param qualifiedCertificate The qualifiedCertificate to set - */ - public void setQualifiedCertificate(boolean qualifiedCertificate) { - this.qualifiedCertificate = qualifiedCertificate; - } - - /** - * Sets the bPK. - * @param bPK The bPK to set - */ - public void setBPK(String bPK) { - this.bPK = bPK; - } - - /** - * Returns the dateOfBirth. - * @return String - */ - public Date getDateOfBirth() { - return dateOfBirth; - } - - public String getFormatedDateOfBirth() { - DateFormat pvpDateFormat = new SimpleDateFormat(IDENTITY_LINK_DATE_FORMAT); - if (getDateOfBirth() != null) - return pvpDateFormat.format(getDateOfBirth()); - else - return "2999-12-31"; - } - - /** - * Returns the familyName. - * @return String - */ - public String getFamilyName() { - return familyName; - } - - /** - * Returns the givenName. - * @return String - */ - public String getGivenName() { - return givenName; - } - - /** - * Holds the baseID of a citizen - * - * @return baseID - */ - public String getIdentificationValue() { - return identificationValue; - } - - /** - * Holds the type of the baseID - * - * @return baseID-Type - */ - public String getIdentificationType() { - return identificationType; - } - - /** - * Returns the issueInstant. - * @return String - */ - public String getIssueInstantString() { - return DateTimeUtils.buildDateTimeUTC(issueInstant); - - } - - /** - * Returns the issueInstant. - * @return String - */ - public Date getIssueInstant() { - return issueInstant; - - } - - public void setIssueInstant(Date date) { - this.issueInstant = date; - } - - /** - * Returns the issuer. - * @return String - */ - public String getIssuer() { - return issuer; - } - - /** - * Returns the BKU URL. - * @return String - */ - public String getBkuURL() { - return bkuURL; - } - - /** - * Sets the dateOfBirth. - * @param dateOfBirth The dateOfBirth to set - */ - public void setDateOfBirth(Date dateOfBirth) { - this.dateOfBirth = dateOfBirth; - } - - public void setDateOfBirth(String dateOfBirth) { - try { - if (MiscUtil.isNotEmpty(dateOfBirth)) { - DateFormat identityLinkFormat = new SimpleDateFormat(IDENTITY_LINK_DATE_FORMAT); - this.dateOfBirth = identityLinkFormat.parse(dateOfBirth); - } - - } catch (ParseException e) { - Logger.warn("Parse dateOfBirht from IdentityLink FAILED", e); - - } - } - - /** - * Sets the familyName. - * @param familyName The familyName to set - */ - public void setFamilyName(String familyName) { - this.familyName = familyName; - } - - /** - * Sets the givenName. - * @param givenName The givenName to set - */ - public void setGivenName(String givenName) { - this.givenName = givenName; - } - - /** - * Sets the identificationValue. - * @param identificationValue The identificationValue to set - */ - public void setIdentificationValue(String identificationValue) { - this.identificationValue = identificationValue; - } - - /** - * Sets the identificationType. - * @param identificationType The identificationType to set - */ - public void setIdentificationType(String identificationType) { - this.identificationType = identificationType; - } - - /** - * Sets the issuer. - * @param issuer The issuer to set - */ - public void setIssuer(String issuer) { - this.issuer = issuer; - } - - /** - * Sets the bkuURL - * @param url The BKU URL to set - */ - public void setBkuURL(String url) { - this.bkuURL = url; - } - - public String getBPKType() { - return bPKType; - } - - public void setBPKType(String bPKType) { - this.bPKType = bPKType; - } - - /** - * @return the identityLink - */ - public IIdentityLink getIdentityLink() { - return identityLink; - } - - /** - * @param identityLink the identityLink to set - */ - public void setIdentityLink(IIdentityLink identityLink) { - this.identityLink = identityLink; - } - - /** - * @return the signerCertificate - */ - public byte[] getSignerCertificate() { - return signerCertificate; - } - - - /** - * @param signerCertificate the signerCertificate to set - */ - public void setSignerCertificate(byte[] signerCertificate) { - this.signerCertificate = signerCertificate; - } - - - /** - * @return the authBlock - */ - public String getAuthBlock() { - return authBlock; - } - - - /** - * @param authBlock the authBlock to set - */ - public void setAuthBlock(String authBlock) { - this.authBlock = authBlock; - } - - - /** - * @return the mandate - */ - public IMISMandate getMISMandate() { - return mandate; - } - - public Element getMandate() { - if (mandate == null) - return null; - - //parse Element from mandate XML - try { - byte[] byteMandate = mandate.getMandate(); - String stringMandate = new String(byteMandate); - return DOMUtils.parseDocument(stringMandate, false, null, null).getDocumentElement(); - - } - catch (Throwable e) { - Logger.warn("Mandate content could not be generated from MISMandate."); - return null; - } - } - - - /** - * @param mandate the mandate to set - */ - public void setMISMandate(IMISMandate mandate) { - this.mandate = mandate; - } - - - /** - * @return the useMandate - */ - public boolean isUseMandate() { - return useMandate; - } - - - /** - * @param useMandate the useMandate to set - */ - public void setUseMandate(boolean useMandate) { - this.useMandate = useMandate; - } - - - /** - * @return - */ - public String getQAALevel() { - if (this.QAALevel != null && - this.QAALevel.startsWith(PVPConstants.EIDAS_QAA_PREFIX)) { - String mappedQAA = PVPtoSTORKMapper.getInstance().mapeIDASQAAToSTORKQAA(this.QAALevel); - if (MiscUtil.isNotEmpty(mappedQAA)) - return mappedQAA; - - else { - Logger.error("eIDAS QAA-level:" + this.QAALevel - + " can not be mapped to STORK QAA-level! Use " - + PVPConstants.STORK_QAA_1_1 + " as default value."); - return PVPConstants.STORK_QAA_1_1; - - } - - - } else - return this.QAALevel; - } - - - public String getEIDASQAALevel() { - if (this.QAALevel != null && - this.QAALevel.startsWith(PVPConstants.STORK_QAA_PREFIX)) { - String mappedQAA = PVPtoSTORKMapper.getInstance().mapSTORKQAAToeIDASQAA(this.QAALevel); - if (MiscUtil.isNotEmpty(mappedQAA)) - return mappedQAA; - - else { - Logger.error("STORK QAA-level:" + this.QAALevel - + " can not be mapped to eIDAS QAA-level! Use " - + PVPConstants.EIDAS_QAA_LOW + " as default value."); - return PVPConstants.EIDAS_QAA_LOW; - - } - - - } else - return this.QAALevel; - - } - - - /** - * @return - */ - public boolean isForeigner() { - return this.foreigner; - } - - - /** - * @param foreigner the foreigner to set - */ - public void setForeigner(boolean foreigner) { - this.foreigner = foreigner; - } - - - /** - * Store QAA level in eIDAS format to authentication Data - * - * @param qAALevel the qAALevel to set - * @throws AssertionAttributeExtractorExeption - */ - public void setQAALevel(String qAALevel) { - QAALevel = qAALevel; - - } - - /** - * @return the ssoSession - */ - public boolean isSsoSession() { - return ssoSession; - } - - - /** - * @param ssoSession the ssoSession to set - */ - public void setSsoSession(boolean ssoSession) { - this.ssoSession = ssoSession; - } - - /** - * @return the mandateReferenceValue - */ - public String getMandateReferenceValue() { - return mandateReferenceValue; - } - - /** - * @param mandateReferenceValue the mandateReferenceValue to set - */ - public void setMandateReferenceValue(String mandateReferenceValue) { - this.mandateReferenceValue = mandateReferenceValue; - } - - /** - * CountryCode of the citizen which is identified and authenticated - * - * @return the CountryCode <pre>like. AT, SI, ...</pre> - */ - public String getCcc() { - return ccc; - } - - /** - * @param ccc the ccc to set - */ - public void setCcc(String ccc) { - this.ccc = ccc; - } - - /** - * @return the sessionIndex - */ - public String getSessionIndex() { - return sessionIndex; - } - - /** - * @param sessionIndex the sessionIndex to set - */ - public void setSessionIndex(String sessionIndex) { - this.sessionIndex = sessionIndex; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.data.IAuthData#getNameID() - */ - @Override - public String getNameID() { - return this.nameID; - } - - /** - * @param nameID the nameID to set - */ - public void setNameID(String nameID) { - this.nameID = nameID; - } - - /** - * @return the nameIDFormat - */ - public String getNameIDFormat() { - return nameIDFormat; - } - - /** - * @param nameIDFormat the nameIDFormat to set - */ - public void setNameIDFormat(String nameIDFormat) { - this.nameIDFormat = nameIDFormat; - } - -// /** -// * @return the interfederatedSSOSession -// */ -// public boolean isInterfederatedSSOSession() { -// return interfederatedSSOSession; -// } -// -// /** -// * @param interfederatedSSOSession the interfederatedSSOSession to set -// */ -// public void setInterfederatedSSOSession(boolean interfederatedSSOSession) { -// this.interfederatedSSOSession = interfederatedSSOSession; -// } -// -// /** -// * @return the interfederatedIDP -// */ -// public String getInterfederatedIDP() { -// return interfederatedIDP; -// } -// -// /** -// * @param interfederatedIDP the interfederatedIDP to set -// */ -// public void setInterfederatedIDP(String interfederatedIDP) { -// this.interfederatedIDP = interfederatedIDP; -// } - - /** - * @return the ssoSessionValidTo - */ - public Date getSsoSessionValidTo() { - return ssoSessionValidTo; - } - - /** - * @param ssoSessionValidTo the ssoSessionValidTo to set - */ - public void setSsoSessionValidTo(Date ssoSessionValidTo) { - this.ssoSessionValidTo = ssoSessionValidTo; - } - - /** - * @return the encbPKList - */ - public List<String> getEncbPKList() { - return encbPKList; - } - - /** - * @param encbPKList the encbPKList to set - */ - public void setEncbPKList(List<String> encbPKList) { - this.encbPKList = encbPKList; - } - - /** - * @return the roles - */ - public List<AuthenticationRole> getAuthenticationRoles() { -// if (this.roles == null) { -// this.roles = new ArrayList<AuthenticationRole>(); -// this.roles.add(new AuthenticationRole("xxpvprole", "xxpvprole")); -// this.roles.add(new AuthenticationRole("yypvprole", "yypvprole")); -// } - - return roles; - } - - //ISA 1.18 attributes - /** - * @param roles the roles to set - */ - public void addAuthenticationRole(AuthenticationRole role) { - if (this.roles == null) - this.roles = new ArrayList<AuthenticationRole>(); - - this.roles.add(role); - } - - /** - * @return the pvpAttribute_OU - */ - public String getPvpAttribute_OU() { - return pvpAttribute_OU; - } - - /** - * @param pvpAttribute_OU the pvpAttribute_OU to set - */ - public void setPvpAttribute_OU(String pvpAttribute_OU) { - this.pvpAttribute_OU = pvpAttribute_OU; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.data.IAuthData#isBusinessService() - */ - @Override - public boolean isBaseIDTransferRestrication() { - return isBaseIDTransferRestrication; - } - - /** - * @param isBaseIDTransmittionAllowed the isBaseIDTransmittionAllowed to set - */ - public void setBaseIDTransferRestrication(boolean isBaseIDTransferRestrication) { - this.isBaseIDTransferRestrication = isBaseIDTransferRestrication; - } - - /** - * Returns a generic data-object with is stored with a specific identifier - * - * @param key The specific identifier of the data object - * @param clazz The class type which is stored with this key - * @return The data object or null if no data is found with this key - */ - public <T> T getGenericData(String key, final Class<T> clazz) { - if (MiscUtil.isNotEmpty(key)) { - Object data = genericDataStorate.get(key); - - if (data == null) - return null; - - try { - @SuppressWarnings("unchecked") - T test = (T) data; - return test; - - } catch (Exception e) { - Logger.warn("Generic authentication-data object can not be casted to requsted type", e); - return null; - - } - - } - - Logger.warn("Can not load generic session-data with key='null'"); - return null; - - } - - /** - * Store a generic data-object to session with a specific identifier - * - * @param key Identifier for this data-object - * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface - * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage - */ - public void setGenericData(String key, Object object) throws SessionDataStorageException { - if (MiscUtil.isEmpty(key)) { - Logger.warn("Generic session-data can not be stored with a 'null' key"); - throw new SessionDataStorageException("Generic data can not be stored with a 'null' key", null); - - } - - if (object != null) { - if (!Serializable.class.isInstance(object)) { - Logger.warn("Generic data can only store objects which implements the 'Seralizable' interface"); - throw new SessionDataStorageException("Generic data can only store objects which implements the 'Seralizable' interface", null); - - } - } - - if (genericDataStorate.containsKey(key)) - Logger.debug("Overwrite generic data with key:" + key); - else - Logger.trace("Add generic data with key:" + key + " to session."); - - genericDataStorate.put(key, object); - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IMOAAuthData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IMOAAuthData.java new file mode 100644 index 000000000..b8dccfa65 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IMOAAuthData.java @@ -0,0 +1,40 @@ +package at.gv.egovernment.moa.id.data; + +import java.util.List; + +import org.w3c.dom.Element; + +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; + +public interface IMOAAuthData extends IAuthData{ + + @Deprecated + /** + * Return STORK QAA level + * + * @return + */ + String getQAALevel(); + + List<String> getEncbPKList(); + IIdentityLink getIdentityLink(); + byte[] getSignerCertificate(); + String getAuthBlock(); + boolean isPublicAuthority(); + String getPublicAuthorityCode(); + boolean isQualifiedCertificate(); + String getBkuURL(); + String getInterfederatedIDP(); + boolean isInterfederatedSSOSession(); + boolean isUseMandate(); + IMISMandate getMISMandate(); + Element getMandate(); + String getMandateReferenceValue(); + + //ISA 1.18 attributes + String getPvpAttribute_OU(); + List<AuthenticationRole> getAuthenticationRoles(); + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/MOAAuthenticationData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/MOAAuthenticationData.java new file mode 100644 index 000000000..0e8a988ce --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/MOAAuthenticationData.java @@ -0,0 +1,968 @@ +/** + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.data; + +import java.io.Serializable; +import java.util.ArrayList; +import java.util.List; + +import org.w3c.dom.Element; + +import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; +import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; +import at.gv.egovernment.moa.id.commons.api.data.IMISMandate; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption; +import at.gv.egovernment.moa.id.util.PVPtoSTORKMapper; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.MiscUtil; + + + +/** + * @author tlenz + * + */ +public class MOAAuthenticationData extends AuthenticationData implements IMOAAuthData, Serializable { + + private static final long serialVersionUID = 1L; + private IIdentityLink identityLink; + private boolean qualifiedCertificate; + private boolean publicAuthority; + private String publicAuthorityCode; + private String bkuURL; + private byte[] signerCertificate = null; + private String authBlock = null; + private String QAALevel = null; + private List<String> encbPKList; + + //ISA 1.18 attributes + private List<AuthenticationRole> roles = null; + private String pvpAttribute_OU = null; + + private boolean useMandate = false; + private IMISMandate mandate = null; + private String mandateReferenceValue = null; + + private boolean interfederatedSSOSession; + private String interfederatedIDP; + + + /** + * @return + */ + @Override + public String getQAALevel() { + if (this.QAALevel != null && + this.QAALevel.startsWith(PVPConstants.EIDAS_QAA_PREFIX)) { + String mappedQAA = PVPtoSTORKMapper.getInstance().mapeIDASQAAToSTORKQAA(this.QAALevel); + if (MiscUtil.isNotEmpty(mappedQAA)) + return mappedQAA; + + else { + Logger.error("eIDAS QAA-level:" + this.QAALevel + + " can not be mapped to STORK QAA-level! Use " + + PVPConstants.STORK_QAA_1_1 + " as default value."); + return PVPConstants.STORK_QAA_1_1; + + } + + + } else + return this.QAALevel; + + } + + @Override + public List<String> getEncbPKList() { + return this.encbPKList; + } + + + @Override + public IIdentityLink getIdentityLink() { + return identityLink; + } + + /** + * @param identityLink the identityLink to set + */ + public void setIdentityLink(IIdentityLink identityLink) { + this.identityLink = identityLink; + } + + @Override + public byte[] getSignerCertificate() { + return signerCertificate; + } + + + /** + * @param signerCertificate the signerCertificate to set + */ + public void setSignerCertificate(byte[] signerCertificate) { + this.signerCertificate = signerCertificate; + } + + + @Override + public String getAuthBlock() { + return authBlock; + } + + + /** + * @param authBlock the authBlock to set + */ + public void setAuthBlock(String authBlock) { + this.authBlock = authBlock; + } + + + @Override + public IMISMandate getMISMandate() { + return mandate; + } + + @Override + public Element getMandate() { + if (mandate == null) + return null; + + //parse Element from mandate XML + try { + byte[] byteMandate = mandate.getMandate(); + String stringMandate = new String(byteMandate); + return DOMUtils.parseDocument(stringMandate, false, null, null).getDocumentElement(); + + } + catch (Throwable e) { + Logger.warn("Mandate content could not be generated from MISMandate."); + return null; + } + } + + + /** + * @param mandate the mandate to set + */ + public void setMISMandate(IMISMandate mandate) { + this.mandate = mandate; + } + + + @Override + public boolean isUseMandate() { + return useMandate; + } + + + public void setUseMandate(boolean useMandate) { + this.useMandate = useMandate; + } + + + @Override + public boolean isPublicAuthority() { + return publicAuthority; + } + + @Override + public String getPublicAuthorityCode() { + return publicAuthorityCode; + } + + @Override + public boolean isQualifiedCertificate() { + return qualifiedCertificate; + } + + + @Override + public String getBkuURL() { + return bkuURL; + + } + + /** + * Sets the bkuURL + * @param url The BKU URL to set + */ + public void setBkuURL(String url) { + this.bkuURL = url; + } + + @Override + public boolean isInterfederatedSSOSession() { + return this.interfederatedSSOSession; + } + + /** + * @param interfederatedSSOSession the interfederatedSSOSession to set + */ + public void setInterfederatedSSOSession(boolean interfederatedSSOSession) { + this.interfederatedSSOSession = interfederatedSSOSession; + } + + @Override + public String getInterfederatedIDP() { + return this.interfederatedIDP; + } + + /** + * @param interfederatedIDP the interfederatedIDP to set + */ + public void setInterfederatedIDP(String interfederatedIDP) { + this.interfederatedIDP = interfederatedIDP; + } + + + @Override + public String getMandateReferenceValue() { + return mandateReferenceValue; + } + + /** + * @param mandateReferenceValue the mandateReferenceValue to set + */ + public void setMandateReferenceValue(String mandateReferenceValue) { + this.mandateReferenceValue = mandateReferenceValue; + } + + + @Override + public List<AuthenticationRole> getAuthenticationRoles() { + return roles; + } + + //ISA 1.18 attributes + /** + * @param roles the roles to set + */ + public void addAuthenticationRole(AuthenticationRole role) { + if (this.roles == null) + this.roles = new ArrayList<AuthenticationRole>(); + + this.roles.add(role); + } + + @Override + public String getPvpAttribute_OU() { + return pvpAttribute_OU; + } + + /** + * @param pvpAttribute_OU the pvpAttribute_OU to set + */ + public void setPvpAttribute_OU(String pvpAttribute_OU) { + this.pvpAttribute_OU = pvpAttribute_OU; + } + + /** + * Store QAA level in eIDAS format to authentication Data + * + * @param qAALevel the qAALevel to set + * @throws AssertionAttributeExtractorExeption + */ + public void setQAALevel(String qAALevel) { + this.QAALevel = qAALevel; + + } + + /** + * @param encbPKList the encbPKList to set + */ + public void setEncbPKList(List<String> encbPKList) { + this.encbPKList = encbPKList; + } + + + /** + * Sets the publicAuthority. + * @param publicAuthority The publicAuthority to set + */ + public void setPublicAuthority(boolean publicAuthority) { + this.publicAuthority = publicAuthority; + } + + /** + * Sets the publicAuthorityCode. + * @param publicAuthorityIdentification The publicAuthorityCode to set + */ + public void setPublicAuthorityCode(String publicAuthorityIdentification) { + this.publicAuthorityCode = publicAuthorityIdentification; + } + + /** + * Sets the qualifiedCertificate. + * @param qualifiedCertificate The qualifiedCertificate to set + */ + public void setQualifiedCertificate(boolean qualifiedCertificate) { + this.qualifiedCertificate = qualifiedCertificate; + } + + +// private static final long serialVersionUID = -1042697056735596866L; +// public static final String IDENTITY_LINK_DATE_FORMAT = "yyyy-MM-dd"; +// +// /** +// * URL of the MOA-ID Auth component issueing this assertion +// */ +// private String issuer; +// /** +// * time instant of issue of this assertion +// */ +// private Date issueInstant; +// /** +// * user identification value (Stammzahl); <code>null</code>, +// * if the authentication module is configured not to return this data +// */ +// private String identificationValue; +// /** +// * user identification type +// */ +// private String identificationType; +// +// /** +// * user identityLink specialized to OAParamter +// */ +// private IIdentityLink identityLink; +// +// /** +// * application specific user identifier (bPK/wbPK) +// */ +// private String bPK; +// +// /** +// * application specific user identifier type +// */ +// private String bPKType; +// +// /** +// * given name of the user +// */ +// private String givenName; +// /** +// * family name of the user +// */ +// private String familyName; +// /** +// * date of birth of the user +// */ +// private Date dateOfBirth; +// /** +// * says whether the certificate is a qualified certificate or not +// */ +// +// /** +// * says whether the certificate is a public authority or not +// */ +// /** +// * public authority code (Behördenkennzeichen - BKZ) +// */ +// +// +// /** +// * URL of the BKU +// */ +// +// /** +// * the corresponding <code>lt;saml:Assertion></code> +// */ +// +// private boolean isBaseIDTransferRestrication = true; +// +// +// /** +// * STORK attributes from response +// */ +// private String ccc = null; +// +// private Map<String, Object> genericDataStorate = new HashedMap<String, Object>(); +// +// +// +// private String authBlock = null; +// private List<String> encbPKList = null; +// +// //ISA 1.18 attributes +// private List<AuthenticationRole> roles = null; +// private String pvpAttribute_OU = null; +// +// private boolean useMandate = false; +// private IMISMandate mandate = null; +// private String mandateReferenceValue = null; +// +// private boolean foreigner =false; +// private String QAALevel = null; +// +// private boolean ssoSession = false; +// private Date ssoSessionValidTo = null; +// +//// private boolean interfederatedSSOSession = false; +//// private String interfederatedIDP = null; +// +// private String sessionIndex = null; +// private String nameID = null; +// private String nameIDFormat = null; +// +// public AuthenticationData() { +// issueInstant = new Date(); +// } +// +// /** +// * Returns the publicAuthority. +// * @return boolean +// */ +// public boolean isPublicAuthority() { +// return publicAuthority; +// } +// +// /** +// * Returns the publicAuthorityCode. +// * @return String +// */ +// public String getPublicAuthorityCode() { +// return publicAuthorityCode; +// } +// +// /** +// * Returns the qualifiedCertificate. +// * @return boolean +// */ +// public boolean isQualifiedCertificate() { +// return qualifiedCertificate; +// } +// +// /** +// * Returns the bPK. +// * @return String +// */ +// public String getBPK() { +// return bPK; +// } +// +// /** +// * Sets the publicAuthority. +// * @param publicAuthority The publicAuthority to set +// */ +// public void setPublicAuthority(boolean publicAuthority) { +// this.publicAuthority = publicAuthority; +// } +// +// /** +// * Sets the publicAuthorityCode. +// * @param publicAuthorityIdentification The publicAuthorityCode to set +// */ +// public void setPublicAuthorityCode(String publicAuthorityIdentification) { +// this.publicAuthorityCode = publicAuthorityIdentification; +// } +// +// /** +// * Sets the qualifiedCertificate. +// * @param qualifiedCertificate The qualifiedCertificate to set +// */ +// public void setQualifiedCertificate(boolean qualifiedCertificate) { +// this.qualifiedCertificate = qualifiedCertificate; +// } +// +// /** +// * Sets the bPK. +// * @param bPK The bPK to set +// */ +// public void setBPK(String bPK) { +// this.bPK = bPK; +// } +// +// /** +// * Returns the dateOfBirth. +// * @return String +// */ +// public Date getDateOfBirth() { +// return dateOfBirth; +// } +// +// public String getFormatedDateOfBirth() { +// DateFormat pvpDateFormat = new SimpleDateFormat(IDENTITY_LINK_DATE_FORMAT); +// if (getDateOfBirth() != null) +// return pvpDateFormat.format(getDateOfBirth()); +// else +// return "2999-12-31"; +// } +// +// /** +// * Returns the familyName. +// * @return String +// */ +// public String getFamilyName() { +// return familyName; +// } +// +// /** +// * Returns the givenName. +// * @return String +// */ +// public String getGivenName() { +// return givenName; +// } +// +// /** +// * Holds the baseID of a citizen +// * +// * @return baseID +// */ +// public String getIdentificationValue() { +// return identificationValue; +// } +// +// /** +// * Holds the type of the baseID +// * +// * @return baseID-Type +// */ +// public String getIdentificationType() { +// return identificationType; +// } +// +// /** +// * Returns the issueInstant. +// * @return String +// */ +// public String getIssueInstantString() { +// return DateTimeUtils.buildDateTimeUTC(issueInstant); +// +// } +// +// /** +// * Returns the issueInstant. +// * @return String +// */ +// public Date getIssueInstant() { +// return issueInstant; +// +// } +// +// public void setIssueInstant(Date date) { +// this.issueInstant = date; +// } +// +// /** +// * Returns the issuer. +// * @return String +// */ +// public String getIssuer() { +// return issuer; +// } +// +// /** +// * Returns the BKU URL. +// * @return String +// */ +// public String getBkuURL() { +// return bkuURL; +// } +// +// /** +// * Sets the dateOfBirth. +// * @param dateOfBirth The dateOfBirth to set +// */ +// public void setDateOfBirth(Date dateOfBirth) { +// this.dateOfBirth = dateOfBirth; +// } +// +// public void setDateOfBirth(String dateOfBirth) { +// try { +// if (MiscUtil.isNotEmpty(dateOfBirth)) { +// DateFormat identityLinkFormat = new SimpleDateFormat(IDENTITY_LINK_DATE_FORMAT); +// this.dateOfBirth = identityLinkFormat.parse(dateOfBirth); +// } +// +// } catch (ParseException e) { +// Logger.warn("Parse dateOfBirht from IdentityLink FAILED", e); +// +// } +// } +// +// /** +// * Sets the familyName. +// * @param familyName The familyName to set +// */ +// public void setFamilyName(String familyName) { +// this.familyName = familyName; +// } +// +// /** +// * Sets the givenName. +// * @param givenName The givenName to set +// */ +// public void setGivenName(String givenName) { +// this.givenName = givenName; +// } +// +// /** +// * Sets the identificationValue. +// * @param identificationValue The identificationValue to set +// */ +// public void setIdentificationValue(String identificationValue) { +// this.identificationValue = identificationValue; +// } +// +// /** +// * Sets the identificationType. +// * @param identificationType The identificationType to set +// */ +// public void setIdentificationType(String identificationType) { +// this.identificationType = identificationType; +// } +// +// /** +// * Sets the issuer. +// * @param issuer The issuer to set +// */ +// public void setIssuer(String issuer) { +// this.issuer = issuer; +// } +// +// /** +// * Sets the bkuURL +// * @param url The BKU URL to set +// */ +// public void setBkuURL(String url) { +// this.bkuURL = url; +// } +// +// public String getBPKType() { +// return bPKType; +// } +// +// public void setBPKType(String bPKType) { +// this.bPKType = bPKType; +// } +// + +// +// + +// +// +// public String getEIDASQAALevel() { +// if (this.QAALevel != null && +// this.QAALevel.startsWith(PVPConstants.STORK_QAA_PREFIX)) { +// String mappedQAA = PVPtoSTORKMapper.getInstance().mapSTORKQAAToeIDASQAA(this.QAALevel); +// if (MiscUtil.isNotEmpty(mappedQAA)) +// return mappedQAA; +// +// else { +// Logger.error("STORK QAA-level:" + this.QAALevel +// + " can not be mapped to eIDAS QAA-level! Use " +// + PVPConstants.EIDAS_QAA_LOW + " as default value."); +// return PVPConstants.EIDAS_QAA_LOW; +// +// } +// +// +// } else +// return this.QAALevel; +// +// } +// +// +// /** +// * @return +// */ +// public boolean isForeigner() { +// return this.foreigner; +// } +// +// +// /** +// * @param foreigner the foreigner to set +// */ +// public void setForeigner(boolean foreigner) { +// this.foreigner = foreigner; +// } +// +// + +// +// /** +// * @return the ssoSession +// */ +// public boolean isSsoSession() { +// return ssoSession; +// } +// +// +// /** +// * @param ssoSession the ssoSession to set +// */ +// public void setSsoSession(boolean ssoSession) { +// this.ssoSession = ssoSession; +// } +// +// /** +// * @return the mandateReferenceValue +// */ +// public String getMandateReferenceValue() { +// return mandateReferenceValue; +// } +// +// /** +// * @param mandateReferenceValue the mandateReferenceValue to set +// */ +// public void setMandateReferenceValue(String mandateReferenceValue) { +// this.mandateReferenceValue = mandateReferenceValue; +// } +// +// /** +// * CountryCode of the citizen which is identified and authenticated +// * +// * @return the CountryCode <pre>like. AT, SI, ...</pre> +// */ +// public String getCcc() { +// return ccc; +// } +// +// /** +// * @param ccc the ccc to set +// */ +// public void setCcc(String ccc) { +// this.ccc = ccc; +// } +// +// /** +// * @return the sessionIndex +// */ +// public String getSessionIndex() { +// return sessionIndex; +// } +// +// /** +// * @param sessionIndex the sessionIndex to set +// */ +// public void setSessionIndex(String sessionIndex) { +// this.sessionIndex = sessionIndex; +// } +// +// /* (non-Javadoc) +// * @see at.gv.egovernment.moa.id.data.IAuthData#getNameID() +// */ +// @Override +// public String getNameID() { +// return this.nameID; +// } +// +// /** +// * @param nameID the nameID to set +// */ +// public void setNameID(String nameID) { +// this.nameID = nameID; +// } +// +// /** +// * @return the nameIDFormat +// */ +// public String getNameIDFormat() { +// return nameIDFormat; +// } +// +// /** +// * @param nameIDFormat the nameIDFormat to set +// */ +// public void setNameIDFormat(String nameIDFormat) { +// this.nameIDFormat = nameIDFormat; +// } +// +//// /** +//// * @return the interfederatedSSOSession +//// */ +//// public boolean isInterfederatedSSOSession() { +//// return interfederatedSSOSession; +//// } +//// +//// /** +//// * @param interfederatedSSOSession the interfederatedSSOSession to set +//// */ +//// public void setInterfederatedSSOSession(boolean interfederatedSSOSession) { +//// this.interfederatedSSOSession = interfederatedSSOSession; +//// } +//// +//// /** +//// * @return the interfederatedIDP +//// */ +//// public String getInterfederatedIDP() { +//// return interfederatedIDP; +//// } +//// +//// /** +//// * @param interfederatedIDP the interfederatedIDP to set +//// */ +//// public void setInterfederatedIDP(String interfederatedIDP) { +//// this.interfederatedIDP = interfederatedIDP; +//// } +// +// /** +// * @return the ssoSessionValidTo +// */ +// public Date getSsoSessionValidTo() { +// return ssoSessionValidTo; +// } +// +// /** +// * @param ssoSessionValidTo the ssoSessionValidTo to set +// */ +// public void setSsoSessionValidTo(Date ssoSessionValidTo) { +// this.ssoSessionValidTo = ssoSessionValidTo; +// } +// +// /** +// * @return the encbPKList +// */ +// public List<String> getEncbPKList() { +// return encbPKList; +// } +// +// /** +// * @param encbPKList the encbPKList to set +// */ +// public void setEncbPKList(List<String> encbPKList) { +// this.encbPKList = encbPKList; +// } +// +// /** +// * @return the roles +// */ +// public List<AuthenticationRole> getAuthenticationRoles() { +//// if (this.roles == null) { +//// this.roles = new ArrayList<AuthenticationRole>(); +//// this.roles.add(new AuthenticationRole("xxpvprole", "xxpvprole")); +//// this.roles.add(new AuthenticationRole("yypvprole", "yypvprole")); +//// } +// +// return roles; +// } +// +// //ISA 1.18 attributes +// /** +// * @param roles the roles to set +// */ +// public void addAuthenticationRole(AuthenticationRole role) { +// if (this.roles == null) +// this.roles = new ArrayList<AuthenticationRole>(); +// +// this.roles.add(role); +// } +// +// /** +// * @return the pvpAttribute_OU +// */ +// public String getPvpAttribute_OU() { +// return pvpAttribute_OU; +// } +// +// /** +// * @param pvpAttribute_OU the pvpAttribute_OU to set +// */ +// public void setPvpAttribute_OU(String pvpAttribute_OU) { +// this.pvpAttribute_OU = pvpAttribute_OU; +// } +// +// /* (non-Javadoc) +// * @see at.gv.egovernment.moa.id.data.IAuthData#isBusinessService() +// */ +// @Override +// public boolean isBaseIDTransferRestrication() { +// return isBaseIDTransferRestrication; +// } +// +// /** +// * @param isBaseIDTransmittionAllowed the isBaseIDTransmittionAllowed to set +// */ +// public void setBaseIDTransferRestrication(boolean isBaseIDTransferRestrication) { +// this.isBaseIDTransferRestrication = isBaseIDTransferRestrication; +// } +// +// /** +// * Returns a generic data-object with is stored with a specific identifier +// * +// * @param key The specific identifier of the data object +// * @param clazz The class type which is stored with this key +// * @return The data object or null if no data is found with this key +// */ +// public <T> T getGenericData(String key, final Class<T> clazz) { +// if (MiscUtil.isNotEmpty(key)) { +// Object data = genericDataStorate.get(key); +// +// if (data == null) +// return null; +// +// try { +// @SuppressWarnings("unchecked") +// T test = (T) data; +// return test; +// +// } catch (Exception e) { +// Logger.warn("Generic authentication-data object can not be casted to requsted type", e); +// return null; +// +// } +// +// } +// +// Logger.warn("Can not load generic session-data with key='null'"); +// return null; +// +// } +// +// /** +// * Store a generic data-object to session with a specific identifier +// * +// * @param key Identifier for this data-object +// * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface +// * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage +// */ +// public void setGenericData(String key, Object object) throws SessionDataStorageException { +// if (MiscUtil.isEmpty(key)) { +// Logger.warn("Generic session-data can not be stored with a 'null' key"); +// throw new SessionDataStorageException("Generic data can not be stored with a 'null' key", null); +// +// } +// +// if (object != null) { +// if (!Serializable.class.isInstance(object)) { +// Logger.warn("Generic data can only store objects which implements the 'Seralizable' interface"); +// throw new SessionDataStorageException("Generic data can only store objects which implements the 'Seralizable' interface", null); +// +// } +// } +// +// if (genericDataStorate.containsKey(key)) +// Logger.debug("Overwrite generic data with key:" + key); +// else +// Logger.trace("Add generic data with key:" + key + " to session."); +// +// genericDataStorate.put(key, object); +// } + +} |