| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2015-02-18 13:47:14 +0100 | 
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2015-02-18 13:47:14 +0100 | 
| commit | bf086cff8ef680b73ca0300147c3c3b70ab32ae0 (patch) | |
| tree | 1174cdc916982f5f879cde1fc587147a7dced63d /id/server/idserverlib/src/main/resources | |
| parent | 570527d48e3bf03444cdda08a4c1bcf8e7d4ff42 (diff) | |
| parent | 271e22add71f0260f5d421844a2171a09093f505 (diff) | |
Merge branch 'datentechnik_modularization' into moa-id-2.2-merge
Conflicts:
	id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
	id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
	id/server/stork2-commons/pom.xml
	id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/.svn/entries
	id/server/stork2-commons/src/main/resources/.svn/entries
	id/server/stork2-saml-engine/pom.xml
	pom.xml
Diffstat (limited to 'id/server/idserverlib/src/main/resources')
7 files changed, 109 insertions, 4 deletions
| diff --git a/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.auth.modules.AuthModule b/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.auth.modules.AuthModule
new file mode 100644
index 000000000..865096055
--- /dev/null
+++ b/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.auth.modules.AuthModule
@@ -0,0 +1,2 @@
+# The default moaid process
+at.gv.egovernment.moa.id.auth.modules.internal.DefaultAuthModuleImpl
diff --git a/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml b/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml
new file mode 100644
index 000000000..3860ddef4
--- /dev/null
+++ b/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
 +<pd:ProcessDefinition id="DefaultAuthentication" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1">
 +
 +<!--
 +	- National authentication with Austrian Citizen Card and mobile signature with our without mandate.
 +	- Legacy authentication for foreign citizens using MOCCA supported signature cards.
 +-->
 +	<pd:Task id="createIdentityLinkForm"    class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.CreateIdentityLinkFormTask" />
 +	<pd:Task id="verifyIdentityLink"        class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyIdentityLinkTask"        async="true" />
 +	<pd:Task id="verifyAuthBlock"           class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyAuthenticationBlockTask" async="true" />
 +	<pd:Task id="verifyCertificate"         class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyCertificateTask"         async="true" />
 +	<pd:Task id="getMISSessionID"           class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetMISSessionIDTask"           async="true" />
 +	<pd:Task id="certificateReadRequest"    class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.CertificateReadRequestTask" />
 +	<pd:Task id="prepareAuthBlockSignature" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.PrepareAuthBlockSignatureTask" />
 +	<pd:Task id="getForeignID"              class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetForeignIDTask"              async="true" />
 +
 +	<!-- Process is triggered either by GenerateIFrameTemplateServlet (upon bku selection) or by AuthenticationManager (upon legacy authentication start using legacy parameters. -->
 +	<pd:StartEvent id="start" />
 +	
 +	<pd:Transition from="start"                     to="createIdentityLinkForm" />
 +	
 +	<pd:Transition from="createIdentityLinkForm"    to="verifyIdentityLink" />
 +	
 +	<pd:Transition from="verifyIdentityLink"        to="certificateReadRequest" conditionExpression="!ctx['identityLinkAvailable'] || ctx['useMandate']" />
 +	<pd:Transition from="verifyIdentityLink"        to="prepareAuthBlockSignature" />
 +	
 +	<pd:Transition from="prepareAuthBlockSignature" to="verifyAuthBlock" />
 +	<!-- Note: verifyAuthBlock still creates a MIS session and redirects the user to the MIS gui. This should be separated from the auth block verification. -->
 +	
 +	<pd:Transition from="certificateReadRequest"    to="verifyCertificate" />
 +	<!-- Note: verifyCertificate still creates the auth block to be signed which should be separated from certificat verification. -->
 +	
 +	<pd:Transition from="verifyCertificate"         to="verifyAuthBlock" conditionExpression="ctx['useMandate']" />
 +	<pd:Transition from="verifyCertificate"         to="getForeignID" />
 +	
 +	<pd:Transition from="verifyAuthBlock"           to="getMISSessionID" conditionExpression="ctx['useMandate']" />
 +	<pd:Transition from="verifyAuthBlock"           to="end" />
 +	
 +	<pd:Transition from="getMISSessionID"           to="end" />
 +	<pd:Transition from="getForeignID"              to="end" />
 +	
 +	<pd:EndEvent id="end" />
 +
 +</pd:ProcessDefinition>
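Review bot: The branches out of `verifyIdentityLink`, `verifyCertificate` and `verifyAuthBlock` each rely on an unconditional `pd:Transition` listed after a conditional one, and on the string keys `ctx['identityLinkAvailable']` and `ctx['useMandate']`, yet the file documents neither contract. If the engine evaluates transitions in document order and treats an unset key as false (neither is visible in this hunk), a task that fails to set `useMandate` would silently send a mandate login down the non-mandate or `getForeignID` path. I would add a comment above the first transition along the lines of `<!-- Transitions are evaluated in document order; a transition without conditionExpression is the default. ctx keys: identityLinkAvailable (set by <task>), useMandate (set by <task>). -->`. The existing comments also need small fixes: `our` should be `or`, the parenthesis after `legacy parameters` is never closed, and `certificat` is misspelled.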
 diff --git a/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd b/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd
new file mode 100644
index 000000000..d6ab7ae46
--- /dev/null
+++ b/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+	targetNamespace="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"
+	xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"
+	elementFormDefault="qualified" version="1.0">
+
+	<xsd:element name="ProcessDefinition">
+		<xsd:complexType>
+			<xsd:sequence>
+				<xsd:choice minOccurs="0" maxOccurs="unbounded">
+					<xsd:element name="StartEvent" type="tns:StartEventType" />
+					<xsd:element name="Task" type="tns:TaskType" />
+					<xsd:element name="Transition" type="tns:TransitionType" />
+					<xsd:element name="EndEvent" type="tns:EndEventType" />
+				</xsd:choice>
+			</xsd:sequence>
+			<xsd:attribute name="id" type="xsd:ID" use="required" />
+		</xsd:complexType>
+	</xsd:element>
+
+	<xsd:complexType name="ProcessNodeType" abstract="true">
+		<xsd:attribute name="id" type="xsd:ID" use="required" />
+	</xsd:complexType>
+
+	<xsd:complexType name="StartEventType">
+		<xsd:complexContent>
+			<xsd:extension base="tns:ProcessNodeType" />
+		</xsd:complexContent>
+	</xsd:complexType>
+
+	<xsd:complexType name="TransitionType">
+		<xsd:attribute name="from" type="xsd:IDREF" use="required" />
+		<xsd:attribute name="to" type="xsd:IDREF" use="required" />
+		<xsd:attribute name="id" type="xsd:ID" />
+		<xsd:attribute name="conditionExpression" type="xsd:string" />
+	</xsd:complexType>
+
+	<xsd:complexType name="EndEventType">
+		<xsd:complexContent>
+			<xsd:extension base="tns:ProcessNodeType" />
+		</xsd:complexContent>
+	</xsd:complexType>
+
+	<xsd:complexType name="TaskType">
+		<xsd:complexContent>
+			<xsd:extension base="tns:ProcessNodeType">
+				<xsd:attribute name="async" type="xsd:boolean" default="false"/>
+				<xsd:attribute name="class" type="xsd:string" />
+			</xsd:extension>
+		</xsd:complexContent>
+	</xsd:complexType>
+
+</xsd:schema>
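Review bot: `TaskType` declares `class` as an optional `xsd:string`, so a `pd:Task` without an implementation class validates and the omission would only surface when the process is loaded or run; if every task must name a class, make it `<xsd:attribute name="class" type="xsd:string" use="required" />`. The `xsd:choice minOccurs="0" maxOccurs="unbounded"` in `ProcessDefinition` likewise accepts a definition with no `StartEvent` or with several, and `from`/`to` as plain `xsd:IDREF` may point at any ID in the document, including a `Transition` or the `ProcessDefinition` itself, so those invariants have to be enforced by the loader. Since `class` and `conditionExpression` presumably name code to instantiate and an expression to evaluate, an `xsd:annotation` stating that definitions are only ever read from trusted classpath resources would make that assumption explicit.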
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index 8fda4566c..ad01644a1 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -229,6 +229,9 @@ stork.18=STORK-SAML Engine konnte nicht initialisiert werden.
 stork.19=Das erforderliche Attribut ist f\u00FCr naturliche Personen nicht vorhanden\: {0}
  stork.20=Fehler bei der Datenkonversion - eingegebens Datum fehlerhaft
  stork.21=Der angeforderte QAA-level {0} ist h\u00F6her als der QAA-level der Authentifizierung {1}
 +stork.22=Der STORK Authentifizierung erfordert die Auswahl des Herkunftslandes der Betroffenen.
 +stork.23=Die STORK Authentifizierung f\u00FCr "{0}" wird nicht unterst\u00FCtzt.
 +stork.24=Die STORK Authentifizierungsantwort enth\uFFFDlt leere Angaben zum Geschlecht.
  pvp2.00={0} ist kein gueltiger consumer service index
  pvp2.01=Fehler beim kodieren der PVP2 Antwort
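Review bot: `stork.24` contains `\uFFFD`, the Unicode replacement character, where the umlaut of `enthält` was lost in an encoding conversion; the line should read `stork.24=Die STORK Authentifizierungsantwort enth\u00E4lt leere Angaben zum Geschlecht.`. `stork.22` also uses the wrong article (`Der STORK Authentifizierung` should be `Die STORK Authentifizierung`). `stork.23` interpolates `{0}` between quotes; if that value originates from the request and the message ends up in an HTML error page (other messages in this file such as `slo.01` carry raw `<BR>`, which suggests the text is not escaped on output), it needs HTML-encoding at the call site, which is not visible in this hunk.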
 @@ -266,4 +269,7 @@ oauth20.09=Zertifikat fuer JSON Web-Token ist falsch konfiguriert. Fehler bei "{
 slo.00=Sie konnten erfolgreich von allen Online-Applikation abgemeldet werden.
  slo.01=Sie konnten NICHT erfolgreich von allen Online-Applikationen abgemeldet werden\!<BR>Bitte schlie\u00DFen Sie aus sicherheitsgr\u00FCnden Ihren Browser.
 -slo.02=Es wurde keine aktive SSO Session gefunden oder Sie sind bei keiner Online-Applikation angemeldet.
\ No newline at end of file
+slo.02=Es wurde keine aktive SSO Session gefunden oder Sie sind bei keiner Online-Applikation angemeldet.
 +
 +process.01=Fehler beim Ausf\u00FChren des Prozesses.
 +process.02=Fehler beim Erstellen eines geeigneten Prozesses f\u00FCr die SessionID {0}.
 diff --git a/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html b/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
index 7e2ddc491..e293d8456 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
@@ -837,7 +837,7 @@
 				src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
 			</a> <a href="http://jigsaw.w3.org/css-validator/"> <img
 				style="border: 0; width: 88px; height: 31px"
-				src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
+				src="https://jigsaw.w3.org/css-validator/images/vcss-blue"
 				alt="CSS ist valide!" />
 			</a>
 		</div>
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html b/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html
index e75bef70c..033a574b9 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html
@@ -545,7 +545,7 @@ button:hover,button:focus,button:active,.sendButton:hover,.sendButton:focus,.sen
 				src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
 			</a> <a href="http://jigsaw.w3.org/css-validator/"> <img
 				style="border: 0; width: 88px; height: 31px"
-				src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
+				src="https://jigsaw.w3.org/css-validator/images/vcss-blue"
 				alt="CSS ist valide!" />
 			</a>
 		</div>
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/slo_template.html b/id/server/idserverlib/src/main/resources/resources/templates/slo_template.html
index b241e85cf..8976b2bd6 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/slo_template.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/slo_template.html
@@ -436,7 +436,7 @@
 				src="$contextpath/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
 			</a> <a href="http://jigsaw.w3.org/css-validator/"> <img
 				style="border: 0; width: 88px; height: 31px"
-				src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
+				src="https://jigsaw.w3.org/css-validator/images/vcss-blue"
 				alt="CSS ist valide!" />
 			</a>
 		</div> |
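Review bot: The CSS-validator badge is still fetched from `jigsaw.w3.org` in all three template hunks (`loginFormFull.html`, `sendAssertionFormFull.html`, `slo_template.html`), so every render of the login, send-assertion and logout pages makes a request to a third party that reveals the user's IP address and, depending on referrer policy, the identity provider's URL. The HTML5 badge on the preceding context line is served locally from `#CONTEXTPATH#/img/` (`$contextpath/img/` in the SLO template); serving the CSS badge the same way, e.g. `src="#CONTEXTPATH#/img/<local-copy-of-css-badge>"`, would remove the external dependency from the authentication pages. The enclosing `href="http://jigsaw.w3.org/css-validator/"` is a context line and stays on plain HTTP after this change.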
