aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2017-11-20 11:51:18 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2017-11-20 11:51:18 +0100
commit1b5e11112af6bbe48bfb5c95c8b75ae90f3edb22 (patch)
treebffeb1e4042eff3da78c8ebb054ad68e823805a2 /id/server/idserverlib/src/main/java/at
parent26ed8e3cf67094f8348993b6a87210c49334cb97 (diff)
parent71680a1b57a22f64237bfaacb4511057f7637f8d (diff)
downloadmoa-id-spss-1b5e11112af6bbe48bfb5c95c8b75ae90f3edb22.tar.gz
moa-id-spss-1b5e11112af6bbe48bfb5c95c8b75ae90f3edb22.tar.bz2
moa-id-spss-1b5e11112af6bbe48bfb5c95c8b75ae90f3edb22.zip
Merge branch 'development_preview' into eIDAS_node_implementation
Diffstat (limited to 'id/server/idserverlib/src/main/java/at')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java11
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPConstants.java99
2 files changed, 101 insertions, 9 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java
index 353261085..5f74d8fdd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AbstractController.java
@@ -29,6 +29,7 @@ import java.io.StringWriter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.lang.StringEscapeUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.ExceptionHandler;
@@ -48,7 +49,6 @@ import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.IRequest;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider;
import at.gv.egovernment.moa.id.data.ExceptionContainer;
import at.gv.egovernment.moa.id.moduls.IRequestStorage;
@@ -166,8 +166,9 @@ public abstract class AbstractController extends MOAIDAuthConstants {
return;
- } catch (MOADatabaseException e) {
- Logger.warn("Exception can not be stored to Database.", e);
+ } catch (Exception e) {
+ Logger.warn("Default error-handling FAILED. Exception can not be stored to Database.", e);
+ Logger.info("Switch to generic generic backup error-handling ... ");
handleErrorNoRedirect(loggedException, req, resp, true);
}
@@ -231,7 +232,7 @@ public abstract class AbstractController extends MOAIDAuthConstants {
ErrorResponseUtils utils = ErrorResponseUtils.getInstance();
String code = utils.mapInternalErrorToExternalError(
((InvalidProtocolRequestException)e).getMessageId());
- String descr = e.getMessage();
+ String descr = StringEscapeUtils.escapeHtml(e.getMessage());
resp.setContentType(MediaType.HTML_UTF_8.toString());
resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Protocol validation FAILED!" +
"(Errorcode=" + code +
@@ -248,7 +249,7 @@ public abstract class AbstractController extends MOAIDAuthConstants {
null);
//add errorcode and errormessage
- config.putCustomParameter("errorMsg", msg);
+ config.putCustomParameter("errorMsg", StringEscapeUtils.escapeHtml(msg));
config.putCustomParameter("errorCode", errorCode);
//add stacktrace if debug is enabled
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPConstants.java
index 73d6e978e..95e3c5bc2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPConstants.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPConstants.java
@@ -22,13 +22,19 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.pvp2x;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
import org.opensaml.xml.encryption.EncryptionConstants;
import org.opensaml.xml.signature.SignatureConstants;
+import at.gv.egovernment.moa.id.data.Trible;
+
public interface PVPConstants {
public static final String SSLSOCKETFACTORYNAME = "MOAMetaDataProvider";
-
+
public static final String DEFAULT_SIGNING_METHODE = SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256;
public static final String DEFAULT_DIGESTMETHODE = SignatureConstants.ALGO_ID_DIGEST_SHA256;
public static final String DEFAULT_SYM_ENCRYPTION_METHODE = EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256;
@@ -54,8 +60,12 @@ public interface PVPConstants {
public static final String PVP_VERSION_NAME = URN_OID_PREFIX + PVP_VERSION_OID;
public static final String PVP_VERSION_FRIENDLY_NAME = "PVP-VERSION";
public static final String PVP_VERSION_2_1 = "2.1";
+
+ public static final String SECCLASS_OID = "1.2.40.0.10.2.1.1.261.110";
public static final String SECCLASS_FRIENDLY_NAME = "SECCLASS";
+ public static final String SECCLASS_NAME = URN_OID_PREFIX + SECCLASS_OID;
+ public static final int SECCLASS_MAX_LENGTH = 128;
public static final String PRINCIPAL_NAME_OID = "1.2.40.0.10.2.1.1.261.20";
public static final String PRINCIPAL_NAME_NAME = URN_OID_PREFIX + PRINCIPAL_NAME_OID;
@@ -136,9 +146,13 @@ public interface PVPConstants {
public static final String ROLES_FRIENDLY_NAME = "ROLES";
public static final int ROLES_MAX_LENGTH = 32767;
- public static final String EID_CITIZEN_QAA_LEVEL_OID = "1.2.40.0.10.2.1.1.261.94";
- public static final String EID_CITIZEN_QAA_LEVEL_NAME = URN_OID_PREFIX + EID_CITIZEN_QAA_LEVEL_OID;
- public static final String EID_CITIZEN_QAA_LEVEL_FRIENDLY_NAME = "EID-CITIZEN-QAA-LEVEL";
+ @Deprecated public static final String EID_CITIZEN_QAA_LEVEL_OID = "1.2.40.0.10.2.1.1.261.94";
+ @Deprecated public static final String EID_CITIZEN_QAA_LEVEL_NAME = URN_OID_PREFIX + EID_CITIZEN_QAA_LEVEL_OID;
+ @Deprecated public static final String EID_CITIZEN_QAA_LEVEL_FRIENDLY_NAME = "EID-CITIZEN-QAA-LEVEL";
+
+ public static final String EID_CITIZEN_EIDAS_QAA_LEVEL_OID = "1.2.40.0.10.2.1.1.261.108";
+ public static final String EID_CITIZEN_EIDAS_QAA_LEVEL_NAME = URN_OID_PREFIX + EID_CITIZEN_EIDAS_QAA_LEVEL_OID;
+ public static final String EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME = "EID-CITIZEN-QAA-EIDAS-LEVEL";
public static final String EID_ISSUING_NATION_OID = "1.2.40.0.10.2.1.1.261.32";
public static final String EID_ISSUING_NATION_NAME = URN_OID_PREFIX + EID_ISSUING_NATION_OID;
@@ -283,4 +297,81 @@ public interface PVPConstants {
public static final String PVP_HOLDEROFKEY_OID = "1.2.40.0.10.2.1.1.261.xx.xx";
public static final String PVP_HOLDEROFKEY_NAME = URN_OID_PREFIX + PVP_HOLDEROFKEY_OID;
public static final String PVP_HOLDEROFKEY_FRIENDLY_NAME = "HOLDER-OF-KEY-CERTIFICATE";
+
+
+
+ public static final String ENTITY_CATEGORY_ATTRIBITE = "http://macedir.org/entity-category";
+ public static final String EGOVTOKEN = "http://www.ref.gv.at/ns/names/agiz/pvp/egovtoken";
+ public static final String CITIZENTOKEN = "http://www.ref.gv.at/ns/names/agiz/pvp/citizentoken";
+
+ /**
+ *
+ * Get required PVP attributes for egovtoken
+ * First : PVP attribute name (OID)
+ * Second: FriendlyName
+ * Third: Required
+ *
+ */
+ public static final List<Trible<String, String, Boolean>> EGOVTOKEN_PVP_ATTRIBUTES =
+ Collections.unmodifiableList(new ArrayList<Trible<String, String, Boolean>>() {
+ private static final long serialVersionUID = 1L;
+ {
+ //currently supported attributes
+ add(Trible.newInstance(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true));
+ add(Trible.newInstance(PRINCIPAL_NAME_NAME, PRINCIPAL_NAME_FRIENDLY_NAME, true));
+
+ //currently not supported attributes
+ add(Trible.newInstance(USERID_NAME, USERID_FRIENDLY_NAME, false));
+ add(Trible.newInstance(GID_NAME, GID_FRIENDLY_NAME, false));
+ add(Trible.newInstance(PARTICIPANT_ID_NAME, PARTICIPANT_ID_FRIENDLY_NAME, false));
+ add(Trible.newInstance(OU_GV_OU_ID_NAME, OU_GV_OU_ID_FRIENDLY_NAME, false));
+ add(Trible.newInstance(OU_NAME, OU_FRIENDLY_NAME, false));
+ add(Trible.newInstance(SECCLASS_NAME, SECCLASS_FRIENDLY_NAME, false));
+
+
+ }
+ });
+
+ /**
+ *
+ * Get required PVP attributes for citizenToken
+ * First : PVP attribute name (OID)
+ * Second: FriendlyName
+ * Third: Required
+ *
+ */
+ public static final List<Trible<String, String, Boolean>> CITIZENTOKEN_PVP_ATTRIBUTES =
+ Collections.unmodifiableList(new ArrayList<Trible<String, String, Boolean>>() {
+ private static final long serialVersionUID = 1L;
+ {
+ //required attributes - eIDAS minimal-data set
+ add(Trible.newInstance(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true));
+ add(Trible.newInstance(PRINCIPAL_NAME_NAME, PRINCIPAL_NAME_FRIENDLY_NAME, true));
+ add(Trible.newInstance(GIVEN_NAME_NAME, GIVEN_NAME_FRIENDLY_NAME, true));
+ add(Trible.newInstance(BIRTHDATE_NAME, BIRTHDATE_FRIENDLY_NAME, true));
+ add(Trible.newInstance(BPK_NAME, BPK_FRIENDLY_NAME, true));
+
+
+ //not required attributes
+ add(Trible.newInstance(EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME, false));
+ add(Trible.newInstance(EID_ISSUING_NATION_NAME, EID_ISSUING_NATION_FRIENDLY_NAME, false));
+ add(Trible.newInstance(EID_SECTOR_FOR_IDENTIFIER_NAME, EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_TYPE_NAME, MANDATE_TYPE_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_TYPE_OID_NAME, MANDATE_TYPE_OID_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_LEG_PER_SOURCE_PIN_NAME, MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, MANDATE_LEG_PER_SOURCE_PIN_TYPE_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_NAT_PER_BPK_NAME, MANDATE_NAT_PER_BPK_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_NAT_PER_GIVEN_NAME_NAME, MANDATE_NAT_PER_GIVEN_NAME_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_NAT_PER_FAMILY_NAME_NAME, MANDATE_NAT_PER_FAMILY_NAME_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_NAT_PER_BIRTHDATE_NAME, MANDATE_NAT_PER_BIRTHDATE_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_LEG_PER_FULL_NAME_NAME, MANDATE_LEG_PER_FULL_NAME_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_PROF_REP_OID_NAME, MANDATE_PROF_REP_OID_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_PROF_REP_DESC_NAME, MANDATE_PROF_REP_DESC_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_REFERENCE_VALUE_NAME, MANDATE_REFERENCE_VALUE_FRIENDLY_NAME, false));
+
+
+
+ }
+ });
+
}