PVP2 functional OK, STORK only partially tested

author: Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> 2013-06-27 14:00:45 +0200
committer: Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> 2013-06-27 14:00:45 +0200
commit: d8f886a98dd2c3eaec17623c4032395b54b15d62 (patch)
tree: e6df05b7f8127491b2c0bc966c0394698192d831 /id/server/idserverlib
parent: b3e9fbc02bce967d7303a024c68851d6471b2685 (diff)
download: moa-id-spss-d8f886a98dd2c3eaec17623c4032395b54b15d62.tar.gz
moa-id-spss-d8f886a98dd2c3eaec17623c4032395b54b15d62.tar.bz2
moa-id-spss-d8f886a98dd2c3eaec17623c4032395b54b15d62.zip
14 files changed, 104 insertions, 305 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index d9f3ef7e8..45f269f0a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -2872,16 +2872,16 @@ public class AuthenticationServer implements MOAIDAuthConstants {
     	Logger.debug("Issuer value: " + issuerValue);
     	
     	
-    	QualityAuthenticationAssuranceLevel qaaLevel = null;//TODO UNCOMMENT AGAIN !! = STORKMessagesBuilder.buildQualityAuthenticationAssuranceLevel(oaParam.getQaaLevel().getValue());
+    	QualityAuthenticationAssuranceLevel qaaLevel = STORKMessagesBuilder.buildQualityAuthenticationAssuranceLevel(oaParam.getQaaLevel().getValue());
     	Logger.debug("QAALevel: " + qaaLevel.getValue());
     	
     	RequestedAttributes requestedAttributes = null;
     	
-    	//TODO UNCOMMENT AGAIN !! requestedAttributes = oaParam.getRequestedAttributes();
+    	requestedAttributes = oaParam.getRequestedAttributes();
 		requestedAttributes.detach();
     	List<RequestedAttribute> reqAttributeList = new ArrayList<RequestedAttribute>();
     	List<RequestedAttribute> oaReqAttributeList = null; 
-    	//TODO UNCOMMENT AGAIN !! oaReqAttributeList =  new ArrayList<RequestedAttribute>(oaParam.getRequestedAttributes().getRequestedAttributes());
+    	oaReqAttributeList =  new ArrayList<RequestedAttribute>(oaParam.getRequestedAttributes().getRequestedAttributes());
     	//check if country specific attributes must be additionally requested
     	if (!cpeps.getCountrySpecificRequestedAttributes().isEmpty()) {
     		//add country specific attributes to be requested (Hierarchy: default oa attributes > country specific attributes > oa specific attributes
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index 8279b28d8..cef9f9ff9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -28,6 +28,7 @@ import iaik.pki.PKIException;
 import iaik.pki.jsse.IAIKX509TrustManager;
 
 import java.io.IOException;
+import java.io.PrintWriter;
 import java.security.GeneralSecurityException;
 import java.util.Properties;
 
@@ -36,6 +37,9 @@ import javax.activation.MailcapCommandMap;
 import javax.mail.Session;
 import javax.net.ssl.SSLSocketFactory;
 
+import org.apache.commons.logging.impl.SLF4JLog;
+import org.apache.log4j.config.PropertyPrinter;
+
 import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.config.ConnectionParameter;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
@@ -158,6 +162,7 @@ public class MOAIDAuthInitializer {
 
         // Initializes IAIKX509TrustManager logging
         String log4jConfigURL = System.getProperty("log4j.configuration");
+        Logger.info("Log4J Configuration: " + log4jConfigURL);
         if (log4jConfigURL != null) {
             IAIKX509TrustManager.initLog(new LoggerConfigImpl(log4jConfigURL));
         }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index b86b2ec68..82acd0897 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -279,7 +279,7 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
 		  }
 
 		//Initialize OpenSAML for STORK
-		Logger.trace("Starting initialization of OpenSAML...");
+		Logger.info("Starting initialization of OpenSAML...");
 		STORKBootstrap.bootstrap();
 		Logger.debug("OpenSAML successfully initialized");
 			
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index 10dd2cfea..7c174de77 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -133,17 +133,17 @@ public class OAAuthParameter extends OAParameter {
   /**
    * STORK QAA Level, Default = 4
    */
- // private QualityAuthenticationAssuranceLevel qaaLevel = STORKMessagesBuilder.buildQualityAuthenticationAssuranceLevel(4);
+ private QualityAuthenticationAssuranceLevel qaaLevel = STORKMessagesBuilder.buildQualityAuthenticationAssuranceLevel(4);
   
   /**
    * STORK RequestedAttributes for Online Application
    * Default RequestedAttributes are: eIdentifier, givenName, surname, dateOfBirth 
    */
-  //private RequestedAttributes requestedAttributes = STORKMessagesBuilder.buildRequestedAttributes(
-//		  STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_EIDENTIFIER, true, null), 
-//		  STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_GIVENNAME, true, null), 
-//		  STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_SURNAME, true, null), 
-//		  STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_DATEOFBIRTH, false, null));
+  private RequestedAttributes requestedAttributes = STORKMessagesBuilder.buildRequestedAttributes(
+		  STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_EIDENTIFIER, true, null), 
+		  STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_GIVENNAME, true, null), 
+		  STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_SURNAME, true, null), 
+		  STORKMessagesBuilder.buildRequestedAttribute(STORKConstants.STORK_ATTRIBUTE_DATEOFBIRTH, false, null));
   
     
 /**
@@ -469,33 +469,33 @@ public class OAAuthParameter extends OAParameter {
   	 * Returns the defined STORK QAALevel
   	 * @return STORK QAALevel
   	 */
-	/*public QualityAuthenticationAssuranceLevel getQaaLevel() {
+	public QualityAuthenticationAssuranceLevel getQaaLevel() {
 		return qaaLevel;
-	}*/
+	}
 	
 	/**
 	 * Sets the STORK QAALevel
 	 * @param qaaLevel
 	 */
-	/*public void setQaaLevel(QualityAuthenticationAssuranceLevel qaaLevel) {
+	public void setQaaLevel(QualityAuthenticationAssuranceLevel qaaLevel) {
 		this.qaaLevel = qaaLevel;
-	}*/
+	}
 	
 	/**
 	 * Returns the desired STORK Requested Attributes
 	 * @return STORK Requested Attributes
 	 */
-	//public RequestedAttributes getRequestedAttributes() {
-	//	return requestedAttributes;
-	//}
+	public RequestedAttributes getRequestedAttributes() {
+		return requestedAttributes;
+	}
 	
 	/**
 	 * Sets the desired STORK Requested Attributes
 	 * @param requestedAttributes
 	 */
-	//public void setRequestedAttributes(RequestedAttributes requestedAttributes) {
-	//	this.requestedAttributes = requestedAttributes;
-	//}
+	public void setRequestedAttributes(RequestedAttributes requestedAttributes) {
+		this.requestedAttributes = requestedAttributes;
+	}
   
   
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/AuthDispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/AuthDispatcherServlet.java
deleted file mode 100644
index e04600b42..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/AuthDispatcherServlet.java
+++ /dev/null
@@ -1,263 +0,0 @@
-package at.gv.egovernment.moa.id.entrypoints;
-
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
-import at.gv.egovernment.moa.id.MOAIDException;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
-import at.gv.egovernment.moa.id.auth.WrongParametersException;
-import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
-import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
-import at.gv.egovernment.moa.id.moduls.IAction;
-import at.gv.egovernment.moa.id.moduls.IModulInfo;
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.ModulStorage;
-import at.gv.egovernment.moa.id.moduls.NoPassivAuthenticationException;
-import at.gv.egovernment.moa.id.moduls.ServletInfo;
-import at.gv.egovernment.moa.id.moduls.ServletType;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-
-public class AuthDispatcherServlet extends AuthServlet {
-
-	/**
-	 * 
-	 */
-	private static final long serialVersionUID = 1L;
-
-	public static final String PARAM_TARGET_PATH = "mod";
-	public static final String PARAM_TARGET_PROTOCOL = "action";
-/*	public static final String PARAM_DISPATCHER_TARGETS = "DispatcherTargets";
-	public static final String PARAM_DISPATCHER_TYPE = "DispatcherType";
-	public static final String PARAM_DISPATCHER_TYPE_UNAUTH = "UNAUTH";
-	public static final String PARAM_DISPATCHER_TYPE_AUTH = "AUTH";
-	public static String SYSTEM_NEWLINE = System.getProperty("line.separator");
-
-	private HashMap<String, HashMap<String, HttpServlet>> endpointMap = new HashMap<String, HashMap<String, HttpServlet>>();
-
-	private void registerModule(IModulInfo modulInfo) {
-
-		HashMap<String, HttpServlet> tempMap = new HashMap<String, HttpServlet>();
-
-		try {
-
-			String path = modulInfo.getPath();
-
-			if (path == null) {
-				throw new Exception(String.format(
-						"%s does not return a valid target path!",
-						new Object[] { modulInfo.getClass().getName() }));
-			}
-
-			Logger.debug("Registering: " + modulInfo.getName() + " under "
-					+ path);
-
-			List<ServletInfo> servletInfos = modulInfo.getServlets();
-
-			Iterator<ServletInfo> servletInfoIterator = servletInfos.iterator();
-
-			while (servletInfoIterator.hasNext()) {
-
-				ServletInfo servletInfo = servletInfoIterator.next();
-
-				if (servletInfo.getType() == ServletType.AUTH) {
-					HttpServlet servlet = servletInfo.getServletInstance();
-					String target = servletInfo.getTarget();
-
-					if (target == null) {
-						throw new Exception(
-								String.format(
-										"%s does not return a valid target identifier!",
-										new Object[] { servlet.getClass()
-												.getName() }));
-					}
-
-					if (tempMap.containsKey(target)) {
-						throw new Exception(String.format(
-								"%s tried to overwrite %s/%s", new Object[] {
-										servlet.getClass().getName(), path,
-										target }));
-					}
-
-					tempMap.put(target, servlet);
-					Logger.info("Registered Servlet class: "
-							+ servlet.getClass().getName() + " OK");
-				}
-
-			}
-
-			// when there was no error we register all servlets into the real
-			// endpoint map ...
-			if (!tempMap.isEmpty()) {
-				endpointMap.put(path, tempMap);
-			}
-		} catch (Throwable e) {
-			Logger.error("Registering Modul class: "
-					+ modulInfo.getClass().getName() + " FAILED!!", e);
-		}
-	}
-*/
-	@Override
-	public void init(ServletConfig config) throws ServletException {
-		try {
-			super.init(config);
-			MOAIDAuthInitializer.initialize();
-			Logger.info(MOAIDMessageProvider.getInstance().getMessage(
-					"init.00", null));
-		} catch (Exception ex) {
-			Logger.fatal(
-					MOAIDMessageProvider.getInstance().getMessage("init.02",
-							null), ex);
-			throw new ServletException(ex);
-		}
-		Logger.info("Auth dispatcher Servlet initialization");
-/*
-		List<IModulInfo> modules = ModulStorage.getAllModules();
-		Iterator<IModulInfo> it = modules.iterator();
-		while (it.hasNext()) {
-			IModulInfo info = it.next();
-			String targetClass = info.getClass().getName();
-			try {
-				registerModule(info);
-			} catch (Throwable e) {
-				Logger.error("Registering Class " + targetClass + " FAILED!!",
-						e);
-			}
-		}*/
-	}
-
-	protected void processRequest(HttpServletRequest req,
-			HttpServletResponse resp) throws ServletException, IOException {
-		try {
-			Object pathObject = req.getParameter(PARAM_TARGET_PATH);
-			String path = null;
-
-			HttpSession session = req.getSession();
-
-			if (pathObject != null && (pathObject instanceof String)) {
-				path = (String) pathObject;
-			}
-
-			if (path == null) {
-				path = (String) session.getAttribute(PARAM_TARGET_PATH);
-			}
-
-			Object protocolObject = req.getParameter(PARAM_TARGET_PROTOCOL);
-			String protocol = null;
-			if (protocolObject != null && (protocolObject instanceof String)) {
-				protocol = (String) protocolObject;
-			}
-
-			if (protocol == null) {
-				protocol = (String) session.getAttribute(PARAM_TARGET_PROTOCOL);
-			}
-
-			Logger.debug("dispatching to " + path + " protocol " + protocol);
-/*
-			if (path != null && protocol != null
-					&& endpointMap.containsKey(path)) {
-				
-				IModulInfo info = ModulStorage.getModuleByPath(path);
-				
-				if (info == null) {
-					resp.sendError(HttpServletResponse.SC_NOT_FOUND);
-					Logger.error("Path " + path + " has no module registered");
-					return;
-				}
-				
-				IAction action = info.getAction(protocol);
-				
-				if (action == null) {
-					resp.sendError(HttpServletResponse.SC_NOT_FOUND);
-					Logger.error("Action " + protocol + " is not available!");
-					return;
-				}
-				
-				
-				
-				try {
-				IRequest configuration = info.preProcess(req, resp, protocol);
-
-				if(configuration.forceAuth()) {
-					session.setAttribute(PARAM_TARGET_PATH, path);
-					session.setAttribute(PARAM_TARGET_PROTOCOL, protocol);
-
-					AuthenticationManager.doAuthentication(req, resp,
-							configuration);
-					return;
-				}
-				
-				if (!AuthenticationManager.isAuthenticated(req, resp)) {
-
-					session.setAttribute(PARAM_TARGET_PATH, path);
-					session.setAttribute(PARAM_TARGET_PROTOCOL, protocol);
-
-					if(configuration.isPassiv()) {
-						throw new NoPassivAuthenticationException();
-					}
-					
-					AuthenticationManager.doAuthentication(req, resp,
-							configuration);
-					return;
-				}
-
-				HashMap<String, HttpServlet> pathMap = endpointMap.get(path);
-				Logger.debug("found path");
-				if (pathMap.containsKey(protocol)) {
-					Logger.debug("found protocol");
-					try {
-						HttpServlet servlet = (HttpServlet) pathMap
-								.get(protocol);
-						String forward = servlet.getClass().getName();
-						Logger.info("Forwarding to Servlet: " + forward);
-						getServletContext().getNamedDispatcher(forward)
-								.forward(req, resp);
-						// TODO: disabled SSO
-						AuthenticationManager.logout(req, resp);
-						return;
-					} catch (Throwable e) {
-						e.printStackTrace();
-						resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
-					}
-				}
-				}
-				catch (Throwable e) {
-					// Try handle module specific, if not possible rethrow
-					if(!info.generateErrorMessage(e, req, resp)) {
-						throw e;
-					}
-				}
-			}*/
-			resp.sendError(HttpServletResponse.SC_NOT_FOUND);
-		}/* catch (WrongParametersException ex) {
-			handleWrongParameters(ex, req, resp);
-		} catch (MOAIDException ex) {
-			handleError(null, ex, req, resp);
-		} */catch (Throwable e) {
-			e.printStackTrace();
-			resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
-		}
-
-	}
-
-	@Override
-	protected void doGet(HttpServletRequest req, HttpServletResponse resp)
-			throws ServletException, IOException {
-		processRequest(req, resp);
-	}
-
-	@Override
-	protected void doPost(HttpServletRequest req, HttpServletResponse resp)
-			throws ServletException, IOException {
-		processRequest(req, resp);
-	}
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index c3f835edb..36a8d0d6b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -1,6 +1,7 @@
 package at.gv.egovernment.moa.id.entrypoints;
 
 import java.io.IOException;
+import java.io.PrintWriter;
 import java.util.Iterator;
 
 import javax.servlet.RequestDispatcher;
@@ -11,6 +12,10 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 
+import org.apache.log4j.config.PropertyPrinter;
+
+import eu.stork.vidp.messages.common.STORKBootstrap;
+
 import at.gv.egovernment.moa.id.MOAIDException;
 import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
@@ -56,6 +61,8 @@ public class DispatcherServlet extends AuthServlet {
 	protected void processRequest(HttpServletRequest req,
 			HttpServletResponse resp) throws ServletException, IOException {
 		try {
+			Logger.info("REQUEST: " + req.getRequestURI());
+			Logger.info("QUERY  : " + req.getQueryString());
 			String errorid = req.getParameter(ERROR_CODE_PARAM);
 			if (errorid != null) {
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index c5fa53973..e752857dd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -41,6 +41,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding;
 import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMetadataInformationException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception;
 import at.gv.egovernment.moa.id.protocols.pvp2x.utils.CheckMandateAttributes;
 import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
@@ -64,14 +65,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 
 	private static HashMap<String, IAction> actions = new HashMap<String, IAction>();
 	
-	static {
-		try {
-			DefaultBootstrap.bootstrap();
-		} catch (ConfigurationException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		}
-		
+	static {		
 		servletList.add(new ServletInfo(PVPProcessor.class, REDIRECT,
 				ServletType.AUTH));
 		servletList.add(new ServletInfo(PVPProcessor.class, POST,
@@ -172,7 +166,10 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 				attributeIdx = aIdx.intValue();
 			}
 			
-			EntityDescriptor metadata = moaRequest.getEntityMetadata(); 
+			EntityDescriptor metadata = moaRequest.getEntityMetadata();
+			if(metadata == null) {
+				throw new NoMetadataInformationException();
+			}
 			SPSSODescriptor spSSODescriptor = metadata.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
 			AssertionConsumerService consumerService  = spSSODescriptor.getAssertionConsumerServices().get(assertionidx);
 			AttributeConsumingService attributeConsumer  = spSSODescriptor.getAttributeConsumingServices().get(attributeIdx);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOAURICompare.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOAURICompare.java
new file mode 100644
index 000000000..513939e5d
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/MOAURICompare.java
@@ -0,0 +1,12 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.binding;
+
+import org.opensaml.common.binding.decoding.URIComparator;
+
+public class MOAURICompare implements URIComparator {
+
+	public boolean compare(String uri1, String uri2) {
+		// TODO: implement proper equalizer for rewritten URLS
+		return true;
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
index 97e7ef80c..6e826005d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
@@ -16,6 +16,7 @@ import org.opensaml.saml2.core.StatusResponseType;
 import org.opensaml.saml2.metadata.SPSSODescriptor;
 import org.opensaml.saml2.metadata.SingleSignOnService;
 import org.opensaml.saml2.metadata.impl.SingleSignOnServiceBuilder;
+import org.opensaml.saml2.metadata.provider.MetadataProviderException;
 import org.opensaml.ws.message.decoder.MessageDecodingException;
 import org.opensaml.ws.message.encoder.MessageEncodingException;
 import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
@@ -24,8 +25,10 @@ import org.opensaml.xml.parse.BasicParserPool;
 import org.opensaml.xml.security.SecurityException;
 import org.opensaml.xml.security.credential.Credential;
 
+import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
 import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider;
 import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException;
+import at.gv.egovernment.moa.logging.Logger;
 
 public class PostBinding implements IDecoder, IEncoder {
 
@@ -83,9 +86,16 @@ public class PostBinding implements IDecoder, IEncoder {
 		BasicSAMLMessageContext<RequestAbstractType, ?, ?> messageContext = new BasicSAMLMessageContext<RequestAbstractType, SAMLObject, SAMLObject>();
 		messageContext
 				.setInboundMessageTransport(new HttpServletRequestAdapter(req));
-
+		decode.setURIComparator(new MOAURICompare());
 		messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
-
+		
+		try {
+			messageContext.setMetadataProvider(new MOAMetadataProvider());
+		} catch (MetadataProviderException e) {
+			Logger.error("Failed to get Metadata Provider");
+			throw new SecurityException("Failed to get Metadata Provider");
+		}
+		
 		decode.decode(messageContext);
 
 		RequestAbstractType inboundMessage = (RequestAbstractType) messageContext
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
index c0cf6ac63..4e7b08b21 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
@@ -76,6 +76,7 @@ public class RedirectBinding implements IDecoder, IEncoder {
 
 		HTTPRedirectDeflateDecoder decode = new HTTPRedirectDeflateDecoder(
 				new BasicParserPool());
+		decode.setURIComparator(new MOAURICompare());
 		BasicSAMLMessageContext<RequestAbstractType, ?, ?> messageContext = new BasicSAMLMessageContext<RequestAbstractType, SAMLObject, SAMLObject>();
 		messageContext
 				.setInboundMessageTransport(new HttpServletRequestAdapter(req));
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
index 11e9cb860..c8059b2f9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
@@ -8,8 +8,6 @@ import java.util.List;
 import java.util.Properties;
 import java.util.Set;
 
-import org.apache.commons.io.FileUtils;
-import org.apache.commons.io.filefilter.DirectoryFileFilter;
 import org.opensaml.saml2.metadata.Company;
 import org.opensaml.saml2.metadata.ContactPerson;
 import org.opensaml.saml2.metadata.ContactPersonTypeEnumeration;
@@ -38,6 +36,10 @@ public class PVPConfiguration {
 		return instance;
 	}
 
+	public static final String PVP2_METADATA = "/pvp2/metadata";
+	public static final String PVP2_REDIRECT = "/pvp2/redirect";
+	public static final String PVP2_POST = "/pvp2/post";
+	
 	public static final String PVP_CONFIG_FILE = "pvp2config.properties";
 	public static final String IDP_JAVAKEYSTORE = "idp.ks.file";
 	public static final String IDP_KEYALIAS = "idp.ks.alias";
@@ -54,9 +56,7 @@ public class PVPConfiguration {
 	public static final String IDP_ORG_DISPNAME = "idp.org.dispname";
 	public static final String IDP_ORG_URL = "idp.org.url";
 
-	public static final String IDP_POST_SSO_SERVICE = "idp.sso.post";
-	public static final String IDP_REDIRECT_SSO_SERVICE = "idp.sso.redirect";
-	public static final String IDP_SOAP_RESOLVE_SERVICE = "idp.resolve.soap";
+	public static final String IDP_PUBLIC_URL = "idp.public.url";
 
 	public static final String IDP_TRUST_STORE = "idp.truststore";
 	public static final String SP_TARGET_PREFIX = "sp.target.";
@@ -88,17 +88,27 @@ public class PVPConfiguration {
 			e.printStackTrace();
 		}
 	}
+	
+	public String getIDPPublicPath() {
+		String publicPath = props.getProperty(IDP_PUBLIC_URL);
+		if(publicPath != null) {
+			if(publicPath.endsWith("/")) {
+				publicPath = publicPath.substring(0, publicPath.length()-2);
+			}
+		}
+		return publicPath;
+	}
 
 	public String getIDPSSOPostService() {
-		return props.getProperty(IDP_POST_SSO_SERVICE);
+		return getIDPPublicPath() + PVP2_POST;
 	}
 
 	public String getIDPSSORedirectService() {
-		return props.getProperty(IDP_REDIRECT_SSO_SERVICE);
+		return getIDPPublicPath() + PVP2_REDIRECT;
 	}
-
-	public String getIDPResolveSOAPService() {
-		return props.getProperty(IDP_SOAP_RESOLVE_SERVICE);
+	
+	public String getIDPSSOMetadataService() {
+		return getIDPPublicPath() + PVP2_METADATA;
 	}
 
 	public String getIDPKeyStoreFilename() {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/NoMetadataInformationException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/NoMetadataInformationException.java
new file mode 100644
index 000000000..c45820cfb
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/NoMetadataInformationException.java
@@ -0,0 +1,17 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.exceptions;
+
+import org.opensaml.saml2.core.StatusCode;
+
+public class NoMetadataInformationException extends PVP2Exception {
+
+	public NoMetadataInformationException() {
+		super("pvp2.15", null);
+		this.statusCodeValue = StatusCode.UNKNOWN_PRINCIPAL_URI;
+	}
+
+	/**
+	 * 
+	 */
+	private static final long serialVersionUID = -4608068445208032193L;
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java
index 7bb5b052f..d6ac121b1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java
@@ -19,6 +19,8 @@ import org.opensaml.xml.io.Marshaller;
 import org.opensaml.xml.io.MarshallingException;
 import org.w3c.dom.Document;
 
+import eu.stork.vidp.messages.common.STORKBootstrap;
+
 public class SAML2Utils {
 
 	public static <T> T createSAMLObject(final Class<T> clazz) {
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index 369cbd5b6..c757e7f8b 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -200,4 +200,5 @@ pvp2.10=Attribut {0} nicht verfuegbar
 pvp2.11=Binding {0} wird nicht unterstuetzt
 pvp2.12=NameID Format {0} wird nicht unterstuetzt
 pvp2.13=Interner Server Fehler
-pvp2.14=SAML Anfrage verweigert
-\ No newline at end of file
+pvp2.14=SAML Anfrage verweigert
+pvp2.15=Keine Metadateninformation gefunden
+\ No newline at end of file
author	Andreas Fitzek <andreas.fitzek@iaik.tugraz.at>	2013-06-27 14:00:45 +0200
committer	Andreas Fitzek <andreas.fitzek@iaik.tugraz.at>	2013-06-27 14:00:45 +0200
commit	d8f886a98dd2c3eaec17623c4032395b54b15d62 (patch)
tree	e6df05b7f8127491b2c0bc966c0394698192d831 /id/server/idserverlib
parent	b3e9fbc02bce967d7303a024c68851d6471b2685 (diff)
download	moa-id-spss-d8f886a98dd2c3eaec17623c4032395b54b15d62.tar.gz moa-id-spss-d8f886a98dd2c3eaec17623c4032395b54b15d62.tar.bz2 moa-id-spss-d8f886a98dd2c3eaec17623c4032395b54b15d62.zip