- SSO finalized

- SSO Session is not closed if a new single authentication operation is started
- PVP2 Configuration from Database (but without Metadata) --> TODO: change MetaDataProvider
- Add additional UserFrame in case of SSO
- MOASession encryption

TODO: MetaDataProvider, IdentityLink resign, SSO with Mandates, Legacy Template generation

1 files changed, 94 insertions, 79 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
index c8059b2f9..7682566f2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
@@ -1,7 +1,10 @@
 package at.gv.egovernment.moa.id.protocols.pvp2x.config;
 
+import iaik.x509.X509Certificate;
+
 import java.io.File;
 import java.io.FileInputStream;
+import java.security.cert.CertificateException;
 import java.util.ArrayList;
 import java.util.Iterator;
 import java.util.List;
@@ -21,12 +24,19 @@ import org.opensaml.saml2.metadata.OrganizationURL;
 import org.opensaml.saml2.metadata.SurName;
 import org.opensaml.saml2.metadata.TelephoneNumber;
 
+import at.gv.egovernment.moa.id.commons.db.dao.config.Contact;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
+import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.protocols.pvp2x.utils.Digester;
 import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
 import at.gv.egovernment.moa.logging.Logger;
 
 public class PVPConfiguration {
+	
 	private static PVPConfiguration instance;
 
 	public static PVPConfiguration getInstance() {
@@ -71,26 +81,21 @@ public class PVPConfiguration {
 	public static final String IDP_CONTACT_COMPANY = "company";
 	public static final String IDP_CONTACT_PHONE = "phone";
 
-	Properties props = new Properties();
-
+	PVP2 generalpvpconfigdb;
+	Properties props;
+	
 	private PVPConfiguration() {
-		try {
-			String fileName = System
-					.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME);
-			String pathName = (new File(fileName)).getParent();
-			String configFile = pathName + "/" + PVP_CONFIG_FILE;
-
-			Logger.info("PVP Config file " + configFile);
-			FileInputStream is = new FileInputStream(configFile);
-			props.load(is);
-			is.close();
-		} catch (Exception e) {
+		 try {
+			generalpvpconfigdb = AuthConfigurationProvider.getInstance().getGeneralPVP2DBConfig();
+			props = AuthConfigurationProvider.getInstance().getGeneralPVP2ProperiesConfig();
+			
+		} catch (ConfigurationException e) {
 			e.printStackTrace();
 		}
 	}
 	
 	public String getIDPPublicPath() {
-		String publicPath = props.getProperty(IDP_PUBLIC_URL);
+		String publicPath = generalpvpconfigdb.getPublicURLPrefix();
 		if(publicPath != null) {
 			if(publicPath.endsWith("/")) {
 				publicPath = publicPath.substring(0, publicPath.length()-2);
@@ -128,7 +133,7 @@ public class PVPConfiguration {
 	}
 
 	public String getIDPIssuerName() {
-		return props.getProperty(IDP_ISSUER_NAME);
+		return generalpvpconfigdb.getIssuerName();
 	}
 
 	public List<String> getMetadataFiles() {
@@ -152,48 +157,66 @@ public class PVPConfiguration {
 		return files;
 	}
 
+	//TODO:
 	public String getTargetForSP(String sp) {
-		String spHash = Digester.toSHA1(sp.getBytes());
-		Logger.info("SHA hash for sp: " + sp + " => " + spHash);
-		return props.getProperty(SP_TARGET_PREFIX + spHash);
-	}
 
-	public String getTrustEntityCertificate(String entityID) {
-		String path = props.getProperty(IDP_TRUST_STORE);
-		if (path == null) {
+		try {
+			OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(sp);
+			return oaParam.getTarget();
+			
+		} catch (ConfigurationException e) {
+			Logger.warn("OnlineApplication with ID "+ sp + " is not found.");
 			return null;
 		}
+		
+	}
 
-		if (!path.endsWith("/")) {
-			path = path + "/";
+	
+	public iaik.x509.X509Certificate getTrustEntityCertificate(String entityID) {
+		
+		try {	
+		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(entityID);
+		
+		if (oaParam == null) {
+			Logger.warn("Online Application with ID " + entityID + " not found!");
+			return null;
+		}
+		
+		OAPVP2 pvp2param = oaParam.getPVP2Parameter();
+		
+		if (pvp2param == null) {
+			return null;
+		}
+		
+		Logger.info("Load TrustEntityCertificate ("+entityID+") from Database.");
+		return new X509Certificate(pvp2param.getCertificate());
+			
+		} catch (CertificateException e) {
+			Logger.warn("Signer certificate can not be loaded from session database!", e);
+			return null;
+			
+		} catch (ConfigurationException e) {
+			e.printStackTrace();
+			return null;
 		}
-
-		String entityIDHash = Digester.toSHA1(entityID.getBytes());
-
-		return path + entityIDHash;
 	}
 
 	public List<ContactPerson> getIDPContacts() {
 		List<ContactPerson> list = new ArrayList<ContactPerson>();
 
-		String contactList = props.getProperty(IDP_CONTACT_LIST);
-
-		if (contactList != null) {
-
-			String[] contact_keys = contactList.split(",");
-
-			for (int i = 0; i < contact_keys.length; i++) {
-
-				String key = contact_keys[i];
+		List<Contact> contacts = generalpvpconfigdb.getContact();
+		
+		if (contacts != null) {
+		
+			for (Contact contact : contacts) {
 
 				ContactPerson person = SAML2Utils
 						.createSAMLObject(ContactPerson.class);
 
-				String type = props.getProperty(IDP_CONTACT_PREFIX + "." + key
-						+ "." + IDP_CONTACT_TYPE);
+				String type = contact.getType();
 
 				if (type == null) {
-					Logger.error("IDP Contact with key " + key
+					Logger.error("IDP Contact with SurName " + contact.getSurName()
 							+ " has no type defined!");
 					break;
 				}
@@ -218,15 +241,14 @@ public class PVPConfiguration {
 				}
 
 				if (enumType == null) {
-					Logger.error("IDP Contact with key " + key
+					Logger.error("IDP Contact with SurName " + contact.getSurName()
 							+ " has invalid type defined: " + type);
 					break;
 				}
 
 				person.setType(enumType);
 
-				String givenName = props.getProperty(IDP_CONTACT_PREFIX + "."
-						+ key + "." + IDP_CONTACT_GIVENNAME);
+				String givenName = contact.getGivenName();
 
 				if (givenName != null) {
 					GivenName name = SAML2Utils
@@ -235,8 +257,7 @@ public class PVPConfiguration {
 					person.setGivenName(name);
 				}
 
-				String company = props.getProperty(IDP_CONTACT_PREFIX + "."
-						+ key + "." + IDP_CONTACT_COMPANY);
+				String company = contact.getCompany();
 
 				if (company != null) {
 					Company comp = SAML2Utils.createSAMLObject(Company.class);
@@ -244,8 +265,7 @@ public class PVPConfiguration {
 					person.setCompany(comp);
 				}
 
-				String surname = props.getProperty(IDP_CONTACT_PREFIX + "."
-						+ key + "." + IDP_CONTACT_SURNAME);
+				String surname = contact.getSurName();
 
 				if (surname != null) {
 					SurName name = SAML2Utils.createSAMLObject(SurName.class);
@@ -253,35 +273,22 @@ public class PVPConfiguration {
 					person.setSurName(name);
 				}
 
-				Set<Object> keySet = props.keySet();
-				Iterator<Object> keyIt = keySet.iterator();
-
-				while (keyIt.hasNext()) {
-
-					String currentKey = keyIt.next().toString();
-
-					if (currentKey.startsWith(IDP_CONTACT_PREFIX + "." + key
-							+ "." + IDP_CONTACT_PHONE)) {
-						String phone = props.getProperty(currentKey);
-
-						if (phone != null) {
-							TelephoneNumber telePhone = SAML2Utils
-									.createSAMLObject(TelephoneNumber.class);
-							telePhone.setNumber(phone);
-							person.getTelephoneNumbers().add(telePhone);
-						}
-					} else if (currentKey.startsWith(IDP_CONTACT_PREFIX + "."
-							+ key + "." + IDP_CONTACT_MAIL)) {
-						String mail = props.getProperty(currentKey);
-
-						if (mail != null) {
-							EmailAddress mailAddress = SAML2Utils
-									.createSAMLObject(EmailAddress.class);
-							mailAddress.setAddress(mail);
-							person.getEmailAddresses().add(mailAddress);
-						}
-					}
+				List<String> phones = contact.getPhone();
+				for (String phone : phones) {
+					TelephoneNumber telePhone = SAML2Utils
+							.createSAMLObject(TelephoneNumber.class);
+					telePhone.setNumber(phone);
+					person.getTelephoneNumbers().add(telePhone);
 				}
+				
+				List<String> mails = contact.getMail();
+				for (String mail : mails) {
+					EmailAddress mailAddress = SAML2Utils
+							.createSAMLObject(EmailAddress.class);
+					mailAddress.setAddress(mail);
+					person.getEmailAddresses().add(mailAddress);
+				}
+				
 				list.add(person);
 			}
 		}
@@ -291,10 +298,18 @@ public class PVPConfiguration {
 	public Organization getIDPOrganisation() {
 		Organization org = SAML2Utils.createSAMLObject(Organization.class);
 
-		String org_name = props.getProperty(IDP_ORG_NAME);
-		String org_dispname = props.getProperty(IDP_ORG_DISPNAME);
-		String org_url = props.getProperty(IDP_ORG_URL);
-
+		at.gv.egovernment.moa.id.commons.db.dao.config.Organization organisation = generalpvpconfigdb.getOrganization();
+		
+		String org_name = null;
+		String org_dispname = null;
+		String org_url = null;
+		
+		if (organisation != null) {
+			org_name = organisation.getName();
+			org_dispname = organisation.getDisplayName();
+			org_url = organisation.getURL();
+		}
+		
 		if (org_name == null || org_dispname == null || org_url == null) {
 			return null;
 		}