PVP2.X Post and Redirect binding, signing and verification, added PVP2.x Citizen Token attributes

1 files changed, 126 insertions, 0 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/CitizenTokenBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/CitizenTokenBuilder.java
new file mode 100644
index 000000000..0b280fe48
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/CitizenTokenBuilder.java
@@ -0,0 +1,126 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.builder;
+
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.core.AttributeStatement;
+import org.opensaml.saml2.core.AttributeValue;
+import org.opensaml.xml.Configuration;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.schema.XSInteger;
+import org.opensaml.xml.schema.XSString;
+import org.opensaml.xml.schema.impl.XSIntegerBuilder;
+import org.opensaml.xml.schema.impl.XSStringBuilder;
+
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOARequest;
+import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
+
+public class CitizenTokenBuilder {
+
+	public static XMLObject buildAttributeStringValue(String value) {
+		XSStringBuilder stringBuilder = (XSStringBuilder) Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME);
+		XSString stringValue = stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
+		stringValue.setValue(value);
+		return stringValue;
+	}
+	
+	public static XMLObject buildAttributeIntegerValue(int value) {
+		XSIntegerBuilder integerBuilder = (XSIntegerBuilder) Configuration.getBuilderFactory().getBuilder(XSInteger.TYPE_NAME);
+		XSInteger integerValue = integerBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSInteger.TYPE_NAME);
+		integerValue.setValue(value);
+		return integerValue;
+	}
+	
+	public static Attribute buildStringAttribute(String friendlyName, 
+			String name, String value) {
+		Attribute attribute = 
+				SAML2Utils.createSAMLObject(Attribute.class);
+		attribute.setFriendlyName(friendlyName);
+		attribute.setName(name);
+		attribute.getAttributeValues().add(buildAttributeStringValue(value));
+		return attribute;
+	}
+	
+	public static Attribute buildIntegerAttribute(String friendlyName, 
+			String name, int value) {
+		Attribute attribute = 
+				SAML2Utils.createSAMLObject(Attribute.class);
+		attribute.setFriendlyName(friendlyName);
+		attribute.setName(name);
+		attribute.getAttributeValues().add(buildAttributeIntegerValue(value));
+		return attribute;
+	}
+	
+	public static Attribute buildPVPVersion(String value) {
+		return buildStringAttribute("PVP-VERSION",
+				"urn:oid:1.2.40.0.10.2.1.1.261.10", value);
+	}
+	
+	public static Attribute buildSecClass(int value) {
+		return buildIntegerAttribute("SECCLASS",
+				"", value);
+	}
+	
+	public static Attribute buildPrincipalName(String value) {
+		return buildStringAttribute("PRINCIPAL-NAME",
+				"urn:oid:1.2.40.0.10.2.1.1.261.20", value);
+	}
+	
+	public static Attribute buildGivenName(String value) {
+		return buildStringAttribute("GIVEN-NAME",
+				"urn:oid:2.5.4.42", value);
+	}
+	
+	public static Attribute buildBirthday(String value) {
+		return buildStringAttribute("BIRTHDATE",
+				"urn:oid:1.2.40.0.10.2.1.1.55", value);
+	}
+	
+	public static Attribute buildBPK(String value) {
+		return buildStringAttribute("BPK",
+				"urn:oid:1.2.40.0.10.2.1.1.149", value);
+	}
+	
+	public static Attribute buildEID_CITIZEN_QAALEVEL(int value) {
+		return buildIntegerAttribute("EID-CITIZEN-QAA-LEVEL",
+				"urn:oid:1.2.40.0.10.2.1.1.261.94", value);
+	}
+	
+	public static Attribute buildEID_ISSUING_NATION(String value) {
+		return buildStringAttribute("EID-ISSUING-NATION",
+				"urn:oid:1.2.40.0.10.2.1.1.261.32", value);
+	}
+	
+	public static Attribute buildEID_SECTOR_FOR_IDENTIFIER(String value) {
+		return buildStringAttribute("EID-SECTOR-FOR-IDENTIFIER",
+				"urn:oid:1.2.40.0.10.2.1.1.261.34", value);
+	}
+	
+	
+	public static AttributeStatement buildCitizenToken(MOARequest obj,
+			AuthenticationSession authSession) {
+		AttributeStatement statement = 
+				SAML2Utils.createSAMLObject(AttributeStatement.class);
+		
+		Attribute pvpVersion = buildPVPVersion("2.1");
+		Attribute secClass = buildSecClass(3);
+		Attribute principalName = buildPrincipalName(authSession.getAuthData().getFamilyName());
+		Attribute givenName = buildGivenName(authSession.getAuthData().getGivenName());
+		Attribute birthdate = buildBirthday(authSession.getAuthData().getDateOfBirth());
+		Attribute bpk = buildBPK(authSession.getAuthData().getIdentificationValue());
+		Attribute eid_citizen_qaa = buildEID_CITIZEN_QAALEVEL(3);
+		Attribute eid_issuing_nation = buildEID_ISSUING_NATION("AT");
+		Attribute eid_sector_for_id = buildEID_SECTOR_FOR_IDENTIFIER(authSession.getAuthData().getIdentificationType());
+		
+		statement.getAttributes().add(pvpVersion);
+		statement.getAttributes().add(secClass);
+		statement.getAttributes().add(principalName);
+		statement.getAttributes().add(givenName);
+		statement.getAttributes().add(birthdate);
+		statement.getAttributes().add(bpk);
+		statement.getAttributes().add(eid_citizen_qaa);
+		statement.getAttributes().add(eid_issuing_nation);
+		statement.getAttributes().add(eid_sector_for_id);
+		
+		return statement;
+	}
+}