Added pvp2 configuration file

author: Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> 2013-05-08 11:22:25 +0200
committer: Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> 2013-05-08 11:22:25 +0200
commit: 642fe4866c23e1a25b0316f12f0028c9f0673c3d (patch)
tree: 56a7b9cdc4fc5cce8f8349bfe47be8997e69ae1b /id/server/idserverlib/src/main/java/at/gv/egovernment
parent: 8ab6d299cbbc2b9faa7f0d70b45e00ce54645e55 (diff)
download: moa-id-spss-642fe4866c23e1a25b0316f12f0028c9f0673c3d.tar.gz
moa-id-spss-642fe4866c23e1a25b0316f12f0028c9f0673c3d.tar.bz2
moa-id-spss-642fe4866c23e1a25b0316f12f0028c9f0673c3d.zip
13 files changed, 310 insertions, 192 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index feaf59cb2..673b65243 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -47,6 +47,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 
 	public static final String REDIRECT = "Redirect";
 	public static final String POST = "Post";
+	public static final String SOAP = "Soap";
 
 	private static List<ServletInfo> servletList = new ArrayList<ServletInfo>();
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java
index a7b4a5bc7..8f83812a6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java
@@ -1,14 +1,10 @@
 package at.gv.egovernment.moa.id.protocols.pvp2x.binding;
 
-import java.io.FileInputStream;
 import java.io.FileNotFoundException;
 import java.io.IOException;
-import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
 import java.security.UnrecoverableKeyException;
-import java.security.cert.Certificate;
 import java.security.cert.CertificateException;
 
 import javax.servlet.http.HttpServletRequest;
@@ -19,7 +15,6 @@ import org.apache.velocity.runtime.RuntimeConstants;
 import org.opensaml.common.SAMLObject;
 import org.opensaml.common.binding.BasicSAMLMessageContext;
 import org.opensaml.saml2.binding.encoding.HTTPArtifactEncoder;
-import org.opensaml.saml2.binding.encoding.HTTPPostEncoder;
 import org.opensaml.saml2.core.RequestAbstractType;
 import org.opensaml.saml2.core.StatusResponseType;
 import org.opensaml.saml2.metadata.SingleSignOnService;
@@ -28,13 +23,12 @@ import org.opensaml.ws.message.decoder.MessageDecodingException;
 import org.opensaml.ws.message.encoder.MessageEncodingException;
 import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
 import org.opensaml.xml.security.SecurityException;
-import org.opensaml.xml.security.credential.BasicCredential;
-import org.opensaml.xml.security.credential.UsageType;
+import org.opensaml.xml.security.credential.Credential;
 import org.opensaml.xml.signature.Signature;
-import org.opensaml.xml.signature.SignatureConstants;
 
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPAssertionStorage;
-import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
+import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider;
+import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException;
 
 public class ArtifactBinding implements IDecoder, IEncoder {
 
@@ -48,30 +42,13 @@ public class ArtifactBinding implements IDecoder, IEncoder {
 	public void encodeRespone(HttpServletRequest req, HttpServletResponse resp,
 			StatusResponseType response, String targetLocation)
 			throws MessageEncodingException, SecurityException {
-		KeyStore keyStore;
-
 		try {
-			keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
-
-			FileInputStream inputStream = new FileInputStream(
-					"/home/afitzek/server/moaid_conf/moaid/pvp.ks");
-			keyStore.load(inputStream, "123456".toCharArray());
-			inputStream.close();
-
-			BasicCredential credentials = new BasicCredential();
-			PrivateKey key = (PrivateKey) keyStore.getKey("pvpIDP",
-					"123456".toCharArray());
-			Certificate cert = keyStore.getCertificate("pvpIDP");
-			credentials.setPublicKey(cert.getPublicKey());
-			credentials.setPrivateKey(key);
-			credentials.setUsageType(UsageType.SIGNING);
-
-			Signature signer = SAML2Utils.createSAMLObject(Signature.class);
-			signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
-			signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
-			signer.setSigningCredential(credentials);
+			Credential credentials = CredentialProvider
+					.getIDPSigningCredential();
 
+			Signature signer = CredentialProvider.getIDPSignature(credentials);
 			response.setSignature(signer);
+			
 			VelocityEngine engine = new VelocityEngine();
 			engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
 			engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
@@ -100,24 +77,9 @@ public class ArtifactBinding implements IDecoder, IEncoder {
 			context.setOutboundMessageTransport(responseAdapter);
 
 			encoder.encode(context);
-		} catch (KeyStoreException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		} catch (FileNotFoundException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		} catch (NoSuchAlgorithmException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		} catch (CertificateException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		} catch (IOException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		} catch (UnrecoverableKeyException e) {
-			// TODO Auto-generated catch block
+		} catch (CredentialsNotAvailableException e) {
 			e.printStackTrace();
+			throw new SecurityException(e);
 		}
 	}
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
index 38be055be..c7d779fa2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
@@ -1,16 +1,5 @@
 package at.gv.egovernment.moa.id.protocols.pvp2x.binding;
 
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
@@ -31,49 +20,31 @@ import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
 import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
 import org.opensaml.xml.parse.BasicParserPool;
 import org.opensaml.xml.security.SecurityException;
-import org.opensaml.xml.security.credential.BasicCredential;
-import org.opensaml.xml.security.credential.UsageType;
+import org.opensaml.xml.security.credential.Credential;
 import org.opensaml.xml.signature.Signature;
-import org.opensaml.xml.signature.SignatureConstants;
 
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol;
-import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
+import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider;
+import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException;
 
 public class PostBinding implements IDecoder, IEncoder {
 
 	public void encodeRequest(HttpServletRequest req, HttpServletResponse resp,
-			RequestAbstractType request, String targetLocation) throws MessageEncodingException,
-			SecurityException{
+			RequestAbstractType request, String targetLocation)
+			throws MessageEncodingException, SecurityException {
 		// TODO Auto-generated method stub
-		
+
 	}
 
 	public void encodeRespone(HttpServletRequest req, HttpServletResponse resp,
-			StatusResponseType response, String targetLocation) throws MessageEncodingException,
-			SecurityException{
-		KeyStore keyStore;
+			StatusResponseType response, String targetLocation)
+			throws MessageEncodingException, SecurityException {
 
 		try {
-			keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
-
-			FileInputStream inputStream = new FileInputStream(
-					"/home/afitzek/server/moaid_conf/moaid/pvp.ks");
-			keyStore.load(inputStream, "123456".toCharArray());
-			inputStream.close();
-
-			BasicCredential credentials = new BasicCredential();
-			PrivateKey key = (PrivateKey) keyStore.getKey("pvpIDP",
-					"123456".toCharArray());
-			Certificate cert = keyStore.getCertificate("pvpIDP");
-			credentials.setPublicKey(cert.getPublicKey());
-			credentials.setPrivateKey(key);
-			credentials.setUsageType(UsageType.SIGNING);
-
-			Signature signer = SAML2Utils.createSAMLObject(Signature.class);
-			signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
-			signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
-			signer.setSigningCredential(credentials);
+			Credential credentials = CredentialProvider
+					.getIDPSigningCredential();
 
+			Signature signer = CredentialProvider.getIDPSignature(credentials);
 			response.setSignature(signer);
 
 			VelocityEngine engine = new VelocityEngine();
@@ -81,11 +52,11 @@ public class PostBinding implements IDecoder, IEncoder {
 			engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
 			engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
 			engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
-			engine.setProperty("classpath.resource.loader.class", 
+			engine.setProperty("classpath.resource.loader.class",
 					"org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
 			engine.init();
-			
-			HTTPPostEncoder encoder = new HTTPPostEncoder(engine, 
+
+			HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
 					"resources/templates/pvp_postbinding_template.html");
 			HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
 					resp, true);
@@ -101,68 +72,46 @@ public class PostBinding implements IDecoder, IEncoder {
 			context.setOutboundMessageTransport(responseAdapter);
 
 			encoder.encode(context);
-		} catch (KeyStoreException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		} catch (FileNotFoundException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		} catch (NoSuchAlgorithmException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		} catch (CertificateException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		} catch (IOException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		} catch (UnrecoverableKeyException e) {
-			// TODO Auto-generated catch block
+		} catch (CredentialsNotAvailableException e) {
 			e.printStackTrace();
+			throw new SecurityException(e);
 		}
 	}
 
 	public MOARequest decodeRequest(HttpServletRequest req,
 			HttpServletResponse resp) throws MessageDecodingException,
-			SecurityException{
-		
-		
-		
+			SecurityException {
+
 		HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool());
-		BasicSAMLMessageContext<RequestAbstractType, ?, ?> messageContext = 
-				new BasicSAMLMessageContext<RequestAbstractType, SAMLObject, SAMLObject>();
+		BasicSAMLMessageContext<RequestAbstractType, ?, ?> messageContext = new BasicSAMLMessageContext<RequestAbstractType, SAMLObject, SAMLObject>();
 		messageContext
-				.setInboundMessageTransport(new HttpServletRequestAdapter(
-						req));
+				.setInboundMessageTransport(new HttpServletRequestAdapter(req));
 		decode.decode(messageContext);
 
 		RequestAbstractType inboundMessage = (RequestAbstractType) messageContext
 				.getInboundMessage();
-		
+
 		MOARequest request = new MOARequest(inboundMessage);
-		
+
 		return request;
-		
+
 	}
 
 	public MOAResponse decodeRespone(HttpServletRequest req,
 			HttpServletResponse resp) throws MessageDecodingException,
-			SecurityException{
-		
+			SecurityException {
+
 		HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool());
-		BasicSAMLMessageContext<Response, ?, ?> messageContext = 
-				new BasicSAMLMessageContext<Response, SAMLObject, SAMLObject>();
+		BasicSAMLMessageContext<Response, ?, ?> messageContext = new BasicSAMLMessageContext<Response, SAMLObject, SAMLObject>();
 		messageContext
-				.setInboundMessageTransport(new HttpServletRequestAdapter(
-						req));
+				.setInboundMessageTransport(new HttpServletRequestAdapter(req));
 		decode.decode(messageContext);
 
-		Response inboundMessage = (Response) messageContext
-				.getInboundMessage();
-		
+		Response inboundMessage = (Response) messageContext.getInboundMessage();
+
 		MOAResponse moaResponse = new MOAResponse(inboundMessage);
 		return moaResponse;
-		
+
 	}
 
 	public boolean handleDecode(String action) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
index 2cae67e97..92a6b6002 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
@@ -1,16 +1,5 @@
 package at.gv.egovernment.moa.id.protocols.pvp2x.binding;
 
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
@@ -35,14 +24,13 @@ import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
 import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
 import org.opensaml.xml.parse.BasicParserPool;
 import org.opensaml.xml.security.SecurityException;
-import org.opensaml.xml.security.credential.BasicCredential;
-import org.opensaml.xml.security.credential.UsageType;
+import org.opensaml.xml.security.credential.Credential;
 import org.opensaml.xml.signature.Signature;
-import org.opensaml.xml.signature.SignatureConstants;
 
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol;
 import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
-import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
+import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider;
+import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory;
 
 public class RedirectBinding implements IDecoder, IEncoder {
@@ -56,30 +44,13 @@ public class RedirectBinding implements IDecoder, IEncoder {
 	public void encodeRespone(HttpServletRequest req, HttpServletResponse resp,
 			StatusResponseType response, String targetLocation)
 			throws MessageEncodingException, SecurityException {
-		KeyStore keyStore;
-
 		try {
-			keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
-
-			FileInputStream inputStream = new FileInputStream(
-					"/home/afitzek/server/moaid_conf/moaid/pvp.ks");
-			keyStore.load(inputStream, "123456".toCharArray());
-			inputStream.close();
-
-			BasicCredential credentials = new BasicCredential();
-			PrivateKey key = (PrivateKey) keyStore.getKey("pvpIDP",
-					"123456".toCharArray());
-			Certificate cert = keyStore.getCertificate("pvpIDP");
-			credentials.setPublicKey(cert.getPublicKey());
-			credentials.setPrivateKey(key);
-			credentials.setUsageType(UsageType.SIGNING);
-
-			Signature signer = SAML2Utils.createSAMLObject(Signature.class);
-			signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
-			signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
-			signer.setSigningCredential(credentials);
+			Credential credentials = CredentialProvider
+					.getIDPSigningCredential();
 
+			Signature signer = CredentialProvider.getIDPSignature(credentials);
 			response.setSignature(signer);
+			
 
 			HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
 			HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
@@ -96,26 +67,10 @@ public class RedirectBinding implements IDecoder, IEncoder {
 			context.setOutboundMessageTransport(responseAdapter);
 
 			encoder.encode(context);
-		} catch (KeyStoreException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		} catch (FileNotFoundException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		} catch (NoSuchAlgorithmException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		} catch (CertificateException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		} catch (IOException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		} catch (UnrecoverableKeyException e) {
-			// TODO Auto-generated catch block
+		} catch (CredentialsNotAvailableException e) {
 			e.printStackTrace();
+			throw new SecurityException(e);
 		}
-
 	}
 
 	public MOARequest decodeRequest(HttpServletRequest req,
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
new file mode 100644
index 000000000..027dab15a
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
@@ -0,0 +1,77 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.binding;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.opensaml.common.SAMLObject;
+import org.opensaml.common.binding.BasicSAMLMessageContext;
+import org.opensaml.saml2.binding.encoding.HTTPSOAP11Encoder;
+import org.opensaml.saml2.core.RequestAbstractType;
+import org.opensaml.saml2.core.Response;
+import org.opensaml.saml2.core.StatusResponseType;
+import org.opensaml.ws.message.decoder.MessageDecodingException;
+import org.opensaml.ws.message.encoder.MessageEncodingException;
+import org.opensaml.ws.soap.soap11.decoder.http.HTTPSOAP11Decoder;
+import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
+import org.opensaml.xml.security.SecurityException;
+
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol;
+
+public class SoapBinding implements IDecoder, IEncoder {
+
+	public MOARequest decodeRequest(HttpServletRequest req,
+			HttpServletResponse resp) throws MessageDecodingException,
+			SecurityException {
+		HTTPSOAP11Decoder soapDecoder = new HTTPSOAP11Decoder();
+		BasicSAMLMessageContext<RequestAbstractType, ?, ?> messageContext = 
+				new BasicSAMLMessageContext<RequestAbstractType, SAMLObject, SAMLObject>();
+		messageContext
+				.setInboundMessageTransport(new HttpServletRequestAdapter(
+						req));
+		soapDecoder.decode(messageContext);
+
+		RequestAbstractType inboundMessage = (RequestAbstractType) messageContext
+				.getInboundMessage();
+		
+		MOARequest request = new MOARequest(inboundMessage);
+		
+		return request;
+	}
+
+	public MOAResponse decodeRespone(HttpServletRequest req,
+			HttpServletResponse resp) throws MessageDecodingException,
+			SecurityException {
+		HTTPSOAP11Decoder soapDecoder = new HTTPSOAP11Decoder();
+		BasicSAMLMessageContext<Response, ?, ?> messageContext = 
+				new BasicSAMLMessageContext<Response, SAMLObject, SAMLObject>();
+		messageContext
+				.setInboundMessageTransport(new HttpServletRequestAdapter(
+						req));
+		soapDecoder.decode(messageContext);
+
+		Response inboundMessage = (Response) messageContext
+				.getInboundMessage();
+		
+		MOAResponse moaResponse = new MOAResponse(inboundMessage);
+		return moaResponse;
+	}
+
+	public boolean handleDecode(String action) {
+		return (action.equals(PVP2XProtocol.SOAP));
+	}
+
+	public void encodeRequest(HttpServletRequest req, HttpServletResponse resp,
+			RequestAbstractType request, String targetLocation)
+			throws MessageEncodingException, SecurityException {
+		// TODO Auto-generated method stub
+		
+	}
+
+	public void encodeRespone(HttpServletRequest req, HttpServletResponse resp,
+			StatusResponseType response, String targetLocation)
+			throws MessageEncodingException, SecurityException {
+		HTTPSOAP11Encoder encoder = new HTTPSOAP11Encoder();
+		
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
new file mode 100644
index 000000000..5ec852d46
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
@@ -0,0 +1,63 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.config;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.util.Properties;
+
+import at.gv.egovernment.moa.id.config.ConfigurationProvider;
+import at.gv.egovernment.moa.logging.Logger;
+
+public class PVPConfiguration {
+	private static PVPConfiguration instance;
+	
+	public static PVPConfiguration getInstance() {
+		if(instance == null) {
+			instance = new PVPConfiguration();
+		}
+		return instance;
+	}
+	
+	public static final String PVP_CONFIG_FILE = "pvp2config.properties";
+	public static final String IDP_JAVAKEYSTORE = "idp.ks.file";
+	public static final String IDP_KEYALIAS = "idp.ks.alias";
+	public static final String IDP_KS_PASS = "idp.ks.kspassword";
+	public static final String IDP_KEY_PASS = "idp.ks.keypassword";
+	public static final String METADATA_FILE = "md.file";
+	
+	Properties props = new Properties();
+	
+	private PVPConfiguration() {
+		try {
+			String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME);
+			String pathName = (new File(fileName)).getParent();
+			String configFile = pathName + File.pathSeparator + PVP_CONFIG_FILE;
+		
+			Logger.info("PVP Config file " + configFile);
+			FileInputStream is = new FileInputStream(configFile);
+			props.load(is);
+			is.close();
+		} catch(Exception e) {
+			e.printStackTrace();
+		}
+	}
+	
+	public String getIDPKeyStoreFilename() {
+		return props.getProperty(IDP_JAVAKEYSTORE);
+	}
+	
+	public String getIDPKeyStorePassword() {
+		return props.getProperty(IDP_KS_PASS);
+	}
+	
+	public String getIDPKeyAlias() {
+		return props.getProperty(IDP_KEYALIAS);
+	}
+	
+	public String getIDPKeyPassword() {
+		return props.getProperty(IDP_KEY_PASS);
+	}
+	
+	public String getMetadataFile() {
+		return props.getProperty(METADATA_FILE);
+	}
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
index 346883a94..94741df73 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
@@ -15,6 +15,8 @@ import org.opensaml.saml2.metadata.provider.MetadataProviderException;
 import org.opensaml.xml.XMLObject;
 import org.opensaml.xml.parse.BasicParserPool;
 
+import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
+
 public class MOAMetadataProvider implements MetadataProvider {
 
 	MetadataProvider internalProvider;
@@ -24,7 +26,7 @@ public class MOAMetadataProvider implements MetadataProvider {
 
 	public MOAMetadataProvider() throws MetadataProviderException {
 		FilesystemMetadataProvider fsProvider = new FilesystemMetadataProvider(
-				new File(MD_FILE));
+				new File(PVPConfiguration.getInstance().getMetadataFile()));
 		fsProvider.setParserPool(new BasicParserPool());
 		internalProvider = fsProvider;
 		fsProvider.initialize();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java
new file mode 100644
index 000000000..3d2bd33b0
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java
@@ -0,0 +1,42 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.requestHandler;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.joda.time.DateTime;
+import org.opensaml.common.binding.artifact.SAMLArtifactMap.SAMLArtifactMapEntry;
+import org.opensaml.saml2.core.ArtifactResolve;
+import org.opensaml.saml2.core.ArtifactResponse;
+
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPAssertionStorage;
+import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOARequest;
+import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
+
+public class ArtifactResolution implements IRequestHandler {
+
+	public boolean handleObject(MOARequest obj) {
+		return (obj.getSamlRequest() instanceof ArtifactResolve);
+	}
+
+	public void process(MOARequest obj, HttpServletRequest req,
+			HttpServletResponse resp) {
+		if(!handleObject(obj)) {
+			// TODO: throw exception
+			return;
+		}
+		
+		ArtifactResolve artifactResolve = (ArtifactResolve)obj.getSamlRequest();
+		String artifactID = artifactResolve.getArtifact().getArtifact();
+		
+		PVPAssertionStorage pvpAssertion = PVPAssertionStorage.getInstance();
+		if(!pvpAssertion.contains(artifactID)) {
+			// TODO: send not found ...
+		} else {
+			SAMLArtifactMapEntry assertion = pvpAssertion.get(artifactID);
+			ArtifactResponse response = SAML2Utils.createSAMLObject(ArtifactResponse.class);
+			response.setMessage(assertion.getSamlMessage());
+			response.setIssueInstant(new DateTime());
+		}
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
index 27e248081..5fc1dc785 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
@@ -17,6 +17,7 @@ import org.opensaml.saml2.core.Subject;
 import org.opensaml.ws.message.encoder.MessageEncodingException;
 import org.opensaml.xml.security.SecurityException;
 
+import at.gv.egovernment.moa.id.MOAIDException;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder;
@@ -32,10 +33,9 @@ public class AuthnRequestHandler implements IRequestHandler {
 	}
 
 	public void process(MOARequest obj, HttpServletRequest req,
-			HttpServletResponse resp) {
+			HttpServletResponse resp) throws MOAIDException {
 		if(!handleObject(obj)) {
-			// TODO: throw exception
-			return;
+			throw new MOAIDException("INVALID HANDLER SELECETED", null);
 		}
 		
 		AuthnRequest authnRequest = (AuthnRequest)obj.getSamlRequest();
@@ -95,14 +95,10 @@ public class AuthnRequestHandler implements IRequestHandler {
 		try {
 			binding.encodeRespone(req, resp, authResponse, oaURL);
 		} catch (MessageEncodingException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
 		} catch (SecurityException e) {
 			// TODO Auto-generated catch block
 			e.printStackTrace();
 		}
-		
-		System.out.println("AuthnRequest");
 	}
 
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java
index a971df93b..002713f79 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java
@@ -3,11 +3,12 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.requestHandler;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import at.gv.egovernment.moa.id.MOAIDException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOARequest;
 
 public interface IRequestHandler {
 	public boolean handleObject(MOARequest obj);
 
 	public void process(MOARequest obj, HttpServletRequest req,
-			HttpServletResponse resp);
+			HttpServletResponse resp) throws MOAIDException;
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java
index 3f1049482..0e5fa9b1e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java
@@ -7,6 +7,7 @@ import java.util.List;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import at.gv.egovernment.moa.id.MOAIDException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.SAMLRequestNotSupported;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOARequest;
 
@@ -29,7 +30,7 @@ public class RequestManager {
 	}
 	
 	public void handle(MOARequest obj, HttpServletRequest req, HttpServletResponse resp) 
-			throws SAMLRequestNotSupported {
+			throws SAMLRequestNotSupported, MOAIDException {
 		Iterator<IRequestHandler> it = handler.iterator();
 		while(it.hasNext()) {
 			IRequestHandler handler = it.next();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
new file mode 100644
index 000000000..ec65f6bce
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
@@ -0,0 +1,52 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.signer;
+
+import java.io.FileInputStream;
+import java.security.KeyStore;
+import java.security.PrivateKey;
+import java.security.cert.Certificate;
+
+import org.opensaml.xml.security.credential.BasicCredential;
+import org.opensaml.xml.security.credential.Credential;
+import org.opensaml.xml.security.credential.UsageType;
+import org.opensaml.xml.signature.Signature;
+import org.opensaml.xml.signature.SignatureConstants;
+
+import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
+import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
+import at.gv.egovernment.moa.logging.Logger;
+
+public class CredentialProvider {
+	public static Credential getIDPSigningCredential() throws CredentialsNotAvailableException {
+		KeyStore keyStore;
+		PVPConfiguration config = PVPConfiguration.getInstance();
+		try {
+			keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+
+			FileInputStream inputStream = new FileInputStream(
+					config.getIDPKeyStoreFilename());
+			keyStore.load(inputStream, config.getIDPKeyStorePassword().toCharArray());
+			inputStream.close();
+
+			BasicCredential credentials = new BasicCredential();
+			PrivateKey key = (PrivateKey) keyStore.getKey(config.getIDPKeyAlias(),
+					config.getIDPKeyPassword().toCharArray());
+			Certificate cert = keyStore.getCertificate(config.getIDPKeyAlias());
+			credentials.setPublicKey(cert.getPublicKey());
+			credentials.setPrivateKey(key);
+			credentials.setUsageType(UsageType.SIGNING);
+			return credentials;
+		} catch(Exception e) {
+			Logger.error("Failed to generate IDP Signing credentials");
+			e.printStackTrace();
+			throw new CredentialsNotAvailableException(e.getMessage(), null);
+		}
+	}
+	
+	public static Signature getIDPSignature(Credential credentials) {
+		Signature signer = SAML2Utils.createSAMLObject(Signature.class);
+		signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+		signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+		signer.setSigningCredential(credentials);
+		return signer;
+	}
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialsNotAvailableException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialsNotAvailableException.java
new file mode 100644
index 000000000..56864bc1f
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialsNotAvailableException.java
@@ -0,0 +1,17 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.signer;
+
+import at.gv.egovernment.moa.id.MOAIDException;
+
+public class CredentialsNotAvailableException extends MOAIDException {
+
+	public CredentialsNotAvailableException(String messageId,
+			Object[] parameters) {
+		super(messageId, parameters);
+	}
+
+	/**
+	 * 
+	 */
+	private static final long serialVersionUID = -2564476345552842599L;
+
+}
author	Andreas Fitzek <andreas.fitzek@iaik.tugraz.at>	2013-05-08 11:22:25 +0200
committer	Andreas Fitzek <andreas.fitzek@iaik.tugraz.at>	2013-05-08 11:22:25 +0200
commit	642fe4866c23e1a25b0316f12f0028c9f0673c3d (patch)
tree	56a7b9cdc4fc5cce8f8349bfe47be8997e69ae1b /id/server/idserverlib/src/main/java/at/gv/egovernment
parent	8ab6d299cbbc2b9faa7f0d70b45e00ce54645e55 (diff)
download	moa-id-spss-642fe4866c23e1a25b0316f12f0028c9f0673c3d.tar.gz moa-id-spss-642fe4866c23e1a25b0316f12f0028c9f0673c3d.tar.bz2 moa-id-spss-642fe4866c23e1a25b0316f12f0028c9f0673c3d.zip