aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2018-06-05 10:46:09 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2018-06-05 10:46:09 +0200
commit84a55fe8bec3924102bd2217f7e39e7a698f2829 (patch)
tree80ed028988aeb91d604ee1dc1d6b5ff4ada2c178 /id/server/idserverlib/src/main/java
parent709197ce12c5502f86e16da1167b97ca318f47fa (diff)
downloadmoa-id-spss-84a55fe8bec3924102bd2217f7e39e7a698f2829.tar.gz
moa-id-spss-84a55fe8bec3924102bd2217f7e39e7a698f2829.tar.bz2
moa-id-spss-84a55fe8bec3924102bd2217f7e39e7a698f2829.zip
update moa-sig to 3.1.2 to get signing time in XML signature verification result
Diffstat (limited to 'id/server/idserverlib/src/main/java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java77
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java20
2 files changed, 52 insertions, 45 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java
index d5ca89656..d2d39e9e6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java
@@ -52,10 +52,7 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
import at.gv.egovernment.moa.id.auth.exception.ServiceException;
-import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface;
-import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.spss.MOAException;
import at.gv.egovernment.moa.spss.api.SignatureVerificationService;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
@@ -64,7 +61,6 @@ import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser;
import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder;
import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moaspss.logging.Logger;
/**
@@ -93,22 +89,22 @@ public class SignatureVerificationInvoker {
}
private SignatureVerificationInvoker() {
- try {
- AuthConfiguration authConfigProvider = AuthConfigurationProviderFactory.getInstance();
- ConnectionParameterInterface authConnParam = authConfigProvider.getMoaSpConnectionParameter();
+// try {
+// AuthConfiguration authConfigProvider = AuthConfigurationProviderFactory.getInstance();
+// ConnectionParameterInterface authConnParam = authConfigProvider.getMoaSpConnectionParameter();
- if (authConnParam != null && MiscUtil.isNotEmpty(authConnParam.getUrl())) {
-
-
- } else {
+// if (authConnParam != null && MiscUtil.isNotEmpty(authConnParam.getUrl())) {
+//
+//
+// } else {
svs = SignatureVerificationService.getInstance();
- }
+// }
- } catch (ConfigurationException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
+// } catch (ConfigurationException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// }
}
@@ -144,35 +140,34 @@ public class SignatureVerificationInvoker {
protected Element doCall(QName serviceName, Element request) throws ServiceException {
ConnectionParameterInterface authConnParam = null;
try {
- AuthConfiguration authConfigProvider = AuthConfigurationProviderFactory.getInstance();
- authConnParam = authConfigProvider.getMoaSpConnectionParameter();
- //If the ConnectionParameter do NOT exist, we try to get the api to work....
- if (authConnParam != null && MiscUtil.isNotEmpty(authConnParam.getUrl())) {
-
- throw new ServiceException("service.00", new Object[]{"MOA-SP connection via Web-Service is not allowed any more!!!!!!"});
-// Service service = ServiceFactory.newInstance().createService(serviceName);
-// Call call = service.createCall();
-// SOAPBodyElement body = new SOAPBodyElement(request);
-// SOAPBodyElement[] params = new SOAPBodyElement[] { body };
-// Vector responses;
-// SOAPBodyElement response;
+// AuthConfiguration authConfigProvider = AuthConfigurationProviderFactory.getInstance();
+// authConnParam = authConfigProvider.getMoaSpConnectionParameter();
+// //If the ConnectionParameter do NOT exist, we try to get the api to work....
+// if (authConnParam != null && MiscUtil.isNotEmpty(authConnParam.getUrl())) {
//
-// Logger.debug("Connecting using auth url: " + authConnParam.getUrl() + ", service " + serviceName.getNamespaceURI() + " : " + serviceName.getLocalPart() + " : "+ serviceName.getPrefix());
-// call.setTargetEndpointAddress(authConnParam.getUrl());
-// responses = (Vector) call.invoke(serviceName, params);
-// Logger.debug("Got responses: " + responses.size()); // TODO handle axis 302 response when incorrect service url is used
-// response = (SOAPBodyElement) responses.get(0);
-// return response.getAsDOM();
- }
- else {
- VerifyXMLSignatureRequest vsrequest = new VerifyXMLSignatureRequestParser().parse(request);
-
+// throw new ServiceException("service.00", new Object[]{"MOA-SP connection via Web-Service is not allowed any more!!!!!!"});
+//// Service service = ServiceFactory.newInstance().createService(serviceName);
+//// Call call = service.createCall();
+//// SOAPBodyElement body = new SOAPBodyElement(request);
+//// SOAPBodyElement[] params = new SOAPBodyElement[] { body };
+//// Vector responses;
+//// SOAPBodyElement response;
+////
+//// Logger.debug("Connecting using auth url: " + authConnParam.getUrl() + ", service " + serviceName.getNamespaceURI() + " : " + serviceName.getLocalPart() + " : "+ serviceName.getPrefix());
+//// call.setTargetEndpointAddress(authConnParam.getUrl());
+//// responses = (Vector) call.invoke(serviceName, params);
+//// Logger.debug("Got responses: " + responses.size()); // TODO handle axis 302 response when incorrect service url is used
+//// response = (SOAPBodyElement) responses.get(0);
+//// return response.getAsDOM();
+// }
+// else {
+ VerifyXMLSignatureRequest vsrequest = new VerifyXMLSignatureRequestParser().parse(request);
VerifyXMLSignatureResponse vsresponse = svs.verifyXMLSignature(vsrequest);
- Document result = new VerifyXMLSignatureResponseBuilder().build(vsresponse);
-
+ Document result = new VerifyXMLSignatureResponseBuilder(true).build(vsresponse);
+
//Logger.setHierarchy("moa.id.auth");
return result.getDocumentElement();
- }
+// }
}
catch (Exception ex) {
if (authConnParam != null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java
index b54a43fff..0fba2d3f6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java
@@ -46,12 +46,11 @@
package at.gv.egovernment.moa.id.auth.parser;
-import iaik.utils.Base64InputStream;
-import iaik.x509.X509Certificate;
-
import java.io.ByteArrayInputStream;
import java.io.InputStream;
+import org.joda.time.DateTime;
+import org.joda.time.format.ISODateTimeFormat;
import org.w3c.dom.Element;
import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
@@ -59,7 +58,10 @@ import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.XPathUtils;
+import iaik.utils.Base64InputStream;
+import iaik.x509.X509Certificate;
/**
* Parses a <code>&lt;VerifyXMLSignatureResponse&gt;</code> returned by
@@ -115,6 +117,9 @@ public class VerifyXMLSignatureResponseParser {
private static final String CERTIFICATE_CHECK_CODE_XPATH =
ROOT + MOA + "CertificateCheck/" + MOA + "Code";
+ private static final String SIGNING_TIME_XPATH =
+ ROOT + MOA + "SigningTime";
+
/** This is the root element of the XML-Document provided by the Security Layer Card*/
private Element verifyXMLSignatureResponse;
@@ -200,7 +205,14 @@ public class VerifyXMLSignatureResponseParser {
if (signatureManifestCheckCode != null) {
respData.setSignatureManifestCheckCode(new Integer(signatureManifestCheckCode).intValue());
}
- respData.setCertificateCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,CERTIFICATE_CHECK_CODE_XPATH,"")).intValue());
+ respData.setCertificateCheckCode(new Integer(XPathUtils.getElementValue(verifyXMLSignatureResponse,CERTIFICATE_CHECK_CODE_XPATH,"")).intValue());
+
+ String signingTimeElement = XPathUtils.getElementValue(verifyXMLSignatureResponse,SIGNING_TIME_XPATH,"");
+ if (MiscUtil.isNotEmpty(signingTimeElement)) {
+ DateTime datetime = ISODateTimeFormat.dateTimeNoMillis().parseDateTime(signingTimeElement);
+ respData.setSigningDateTime(datetime.toDate());
+
+ }
}
catch (Throwable t) {
throw new ParseException("parser.01", null, t);