authorThomas Lenz <tlenz@iaik.tugraz.at>2015-09-14 13:29:32 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2015-09-14 13:29:32 +0200
commit76bae60e9bda1acb7ee0e3d45ab187749d16bf82 (patch)
treeba22e87aeee1330e70e702dcfb4612fd951e6c7a /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x
parent1131cdf040e608c3f79dd8987ec3b8444fc9bf0d (diff)
downloadmoa-id-spss-76bae60e9bda1acb7ee0e3d45ab187749d16bf82.tar.gz
moa-id-spss-76bae60e9bda1acb7ee0e3d45ab187749d16bf82.tar.bz2
moa-id-spss-76bae60e9bda1acb7ee0e3d45ab187749d16bf82.zip
move citizen-card authentication and validation (Security-layer communication) to discrete module
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java272
1 files changed, 136 insertions, 136 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java
index 942fab4f3..9c654d42f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java
@@ -1,136 +1,136 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.gv.egovernment.moa.id.protocols.pvp2x.verification;
-
-import java.io.UnsupportedEncodingException;
-
-import org.opensaml.saml2.core.RequestAbstractType;
-import org.opensaml.security.SAMLSignatureProfileValidator;
-import org.opensaml.xml.validation.ValidationException;
-import org.w3c.dom.Element;
-
-import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.exception.BuildException;
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.auth.exception.ParseException;
-import at.gv.egovernment.moa.id.auth.exception.ServiceException;
-import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
-import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.util.XMLUtil;
-import at.gv.egovernment.moa.logging.Logger;
-
-public class SAMLVerifierMOASP implements ISAMLVerifier {
-
-
- //TODO: implement via metadata validator ....
- public void verifyRequest(RequestAbstractType request)
- throws MOAIDException {
- // validate Signature
- try {
- if (request.isSigned()) {
-
- String trustProfileID = AuthConfigurationProviderFactory.getInstance()
- .getStorkConfig().getSignatureVerificationParameter()
- .getTrustProfileID();
-
- Logger.trace("Starting validation of Signature references");
- try {
- SAMLSignatureProfileValidator sigValidator = new SAMLSignatureProfileValidator();
- sigValidator.validate(request.getSignature());
- } catch (ValidationException e) {
- Logger.error("Validation of XML Signature refrences failed: "
- + e.getMessage());
- throw new SecurityException(e);
- }
- Logger.debug("XML Signature references are OK.");
-
- Logger.debug("Invoking MOA-SP with TrustProfileID: "
- + trustProfileID);
-
- // builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
- .build(XMLUtil.printXML(request.getDOM()).getBytes("UTF-8"),
- trustProfileID);
-
- Logger.trace("VerifyXMLSignatureRequest for MOA-SP succesfully built");
-
- Logger.trace("Calling MOA-SP");
- // invokes the call
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker()
- .verifyXMLSignature(domVerifyXMLSignatureRequest);
-
- // parses the <VerifyXMLSignatureResponse>
- VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
- domVerifyXMLSignatureResponse).parseData();
-
- Logger.trace("Received VerifyXMLSignatureResponse from MOA-SP");
-
- if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0) {
- String msg = "Signature of SAMLResponse not valid";
- Logger.error(msg);
- throw new SecurityException(msg);
- }
-
- Logger.debug("Signature of SAML response successfully verified");
-
- if (verifyXMLSignatureResponse.getCertificateCheckCode() != 0) {
- String msg = "Certificate of SAMLResponse not valid";
- Logger.error(msg);
- throw new SecurityException(msg);
- }
-
- Logger.debug("Signing certificate of SAML response succesfully verified");
-
- } else {
- String msg = "SAML Object is not signed.";
- throw new SecurityException(msg);
- }
-
- } catch (ConfigurationException e) {
- String msg = "Unable to load STORK configuration for STORK SAML Response signature verification.";
- Logger.error(msg, e);
- throw new SecurityException(msg, e);
- } catch (ParseException e) {
- String msg = "Unable to parse VerifyXMLSignature Request or Response.";
- Logger.error(msg, e);
- throw new SecurityException(msg, e);
- } catch (BuildException e) {
- String msg = "Unable to parse VerifyXMLSignature Request or Response.";
- Logger.error(msg, e);
- throw new SecurityException(msg, e);
- } catch (ServiceException e) {
- String msg = "Unable to invoke MOA-SP.";
- Logger.error(msg, e);
- throw new SecurityException(msg, e);
- } catch (UnsupportedEncodingException e) {
- String msg = "Unsupported Encoding.";
- Logger.error(msg, e);
- throw new SecurityException(msg, e);
- }
-
- }
-
-}
+///*******************************************************************************
+// * Copyright 2014 Federal Chancellery Austria
+// * MOA-ID has been developed in a cooperation between BRZ, the Federal
+// * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+// *
+// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+// * the European Commission - subsequent versions of the EUPL (the "Licence");
+// * You may not use this work except in compliance with the Licence.
+// * You may obtain a copy of the Licence at:
+// * http://www.osor.eu/eupl/
+// *
+// * Unless required by applicable law or agreed to in writing, software
+// * distributed under the Licence is distributed on an "AS IS" basis,
+// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// * See the Licence for the specific language governing permissions and
+// * limitations under the Licence.
+// *
+// * This product combines work with different licenses. See the "NOTICE" text
+// * file for details on the various modules and licenses.
+// * The "NOTICE" text file is part of the distribution. Any derivative works
+// * that you distribute must include a readable copy of the "NOTICE" text file.
+// *******************************************************************************/
+//package at.gv.egovernment.moa.id.protocols.pvp2x.verification;
+//
+//import java.io.UnsupportedEncodingException;
+//
+//import org.opensaml.saml2.core.RequestAbstractType;
+//import org.opensaml.security.SAMLSignatureProfileValidator;
+//import org.opensaml.xml.validation.ValidationException;
+//import org.w3c.dom.Element;
+//
+//import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
+//import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
+//import at.gv.egovernment.moa.id.auth.exception.BuildException;
+//import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+//import at.gv.egovernment.moa.id.auth.exception.ParseException;
+//import at.gv.egovernment.moa.id.auth.exception.ServiceException;
+//import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
+//import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
+//import at.gv.egovernment.moa.id.config.ConfigurationException;
+//import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
+//import at.gv.egovernment.moa.id.util.XMLUtil;
+//import at.gv.egovernment.moa.logging.Logger;
+//
+//public class SAMLVerifierMOASP implements ISAMLVerifier {
+//
+//
+// //TODO: implement via metadata validator ....
+// public void verifyRequest(RequestAbstractType request)
+// throws MOAIDException {
+// // validate Signature
+// try {
+// if (request.isSigned()) {
+//
+// String trustProfileID = AuthConfigurationProviderFactory.getInstance()
+// .getStorkConfig().getSignatureVerificationParameter()
+// .getTrustProfileID();
+//
+// Logger.trace("Starting validation of Signature references");
+// try {
+// SAMLSignatureProfileValidator sigValidator = new SAMLSignatureProfileValidator();
+// sigValidator.validate(request.getSignature());
+// } catch (ValidationException e) {
+// Logger.error("Validation of XML Signature refrences failed: "
+// + e.getMessage());
+// throw new SecurityException(e);
+// }
+// Logger.debug("XML Signature references are OK.");
+//
+// Logger.debug("Invoking MOA-SP with TrustProfileID: "
+// + trustProfileID);
+//
+// // builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
+// Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
+// .build(XMLUtil.printXML(request.getDOM()).getBytes("UTF-8"),
+// trustProfileID);
+//
+// Logger.trace("VerifyXMLSignatureRequest for MOA-SP succesfully built");
+//
+// Logger.trace("Calling MOA-SP");
+// // invokes the call
+// Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker()
+// .verifyXMLSignature(domVerifyXMLSignatureRequest);
+//
+// // parses the <VerifyXMLSignatureResponse>
+// VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
+// domVerifyXMLSignatureResponse).parseData();
+//
+// Logger.trace("Received VerifyXMLSignatureResponse from MOA-SP");
+//
+// if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0) {
+// String msg = "Signature of SAMLResponse not valid";
+// Logger.error(msg);
+// throw new SecurityException(msg);
+// }
+//
+// Logger.debug("Signature of SAML response successfully verified");
+//
+// if (verifyXMLSignatureResponse.getCertificateCheckCode() != 0) {
+// String msg = "Certificate of SAMLResponse not valid";
+// Logger.error(msg);
+// throw new SecurityException(msg);
+// }
+//
+// Logger.debug("Signing certificate of SAML response succesfully verified");
+//
+// } else {
+// String msg = "SAML Object is not signed.";
+// throw new SecurityException(msg);
+// }
+//
+// } catch (ConfigurationException e) {
+// String msg = "Unable to load STORK configuration for STORK SAML Response signature verification.";
+// Logger.error(msg, e);
+// throw new SecurityException(msg, e);
+// } catch (ParseException e) {
+// String msg = "Unable to parse VerifyXMLSignature Request or Response.";
+// Logger.error(msg, e);
+// throw new SecurityException(msg, e);
+// } catch (BuildException e) {
+// String msg = "Unable to parse VerifyXMLSignature Request or Response.";
+// Logger.error(msg, e);
+// throw new SecurityException(msg, e);
+// } catch (ServiceException e) {
+// String msg = "Unable to invoke MOA-SP.";
+// Logger.error(msg, e);
+// throw new SecurityException(msg, e);
+// } catch (UnsupportedEncodingException e) {
+// String msg = "Unsupported Encoding.";
+// Logger.error(msg, e);
+// throw new SecurityException(msg, e);
+// }
+//
+// }
+//
+//}
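Review bot: Every line of SAMLVerifierMOASP.java is turned into a `//` comment (new lines 1–136) instead of the file being deleted or moved, so the tree keeps a 136-line dead file that still matches searches for the signature-verification path but defines no class. If the verifier is no longer needed here, remove the file and let version control keep the old text; if it has to stay as a placeholder, reduce it to a short header such as `// TODO: SAMLVerifierMOASP is disabled; delete this file or restore it once its MOA-SP dependencies are available again.`. The disabled class was the ISAMLVerifier that rejected unsigned requests (`"SAML Object is not signed."`) and failed on non-zero `getSignatureCheckCode()` / `getCertificateCheckCode()`, so it is worth confirming that every former caller now reaches an equivalent check; this hunk does not show which implementation takes over.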