aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-module-E-ID_connector/src/main
diff options
context:
space:
mode:
authorThomas Lenz <thomas.lenz@egiz.gv.at>2020-11-11 16:39:45 +0100
committerThomas Lenz <thomas.lenz@egiz.gv.at>2020-11-11 16:39:45 +0100
commitaefcc63f0edc077f8381703f4be0c910a63c75cc (patch)
treeed004e73cf2bde07b6109350e28cb08d353f632a /id/server/modules/moa-id-module-E-ID_connector/src/main
parent4ccea26febcccf9611875ec54e68b262de7762bc (diff)
downloadmoa-id-spss-aefcc63f0edc077f8381703f4be0c910a63c75cc.tar.gz
moa-id-spss-aefcc63f0edc077f8381703f4be0c910a63c75cc.tar.bz2
moa-id-spss-aefcc63f0edc077f8381703f4be0c910a63c75cc.zip
update algorithm that generates unique identifiers for AppReg registration for E-ID Proxy mode
Diffstat (limited to 'id/server/modules/moa-id-module-E-ID_connector/src/main')
-rw-r--r--id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EidAppRegIdentifierGenerationController.java2
-rw-r--r--id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/tasks/CreateAuthnRequestTask.java2
-rw-r--r--id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/Utils.java45
3 files changed, 45 insertions, 4 deletions
diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EidAppRegIdentifierGenerationController.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EidAppRegIdentifierGenerationController.java
index 091feb7fc..1478a6f45 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EidAppRegIdentifierGenerationController.java
+++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EidAppRegIdentifierGenerationController.java
@@ -87,7 +87,7 @@ public class EidAppRegIdentifierGenerationController extends AbstractController
}
- String appRegId = Utils.getEidSystemApplicationId(oaParam, authUrl);
+ String appRegId = Utils.getEidSystemApplicationId(oaParam, authUrl, authConfig);
config.putCustomParameterWithOutEscaption(null, "appregId", appRegId);
guiBuilder.build(req, resp, config, "AppReg Id generation GUI");
diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/tasks/CreateAuthnRequestTask.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/tasks/CreateAuthnRequestTask.java
index 177103051..124377845 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/tasks/CreateAuthnRequestTask.java
+++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/tasks/CreateAuthnRequestTask.java
@@ -113,7 +113,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask {
authnReqConfig.setSignCred(credential.getIDPAssertionSigningCredential());
authnReqConfig.setSPEntityID(pendingReq.getAuthURL() + EIDProxyAuthConstants.ENDPOINT_METADATA);
authnReqConfig.setScopeRequesterId(
- Utils.getEidSystemApplicationId(pendingReq.getServiceProviderConfiguration(), pendingReq.getAuthURL()));
+ Utils.getEidSystemApplicationId(pendingReq.getServiceProviderConfiguration(), pendingReq.getAuthURL(), authConfig));
//build and transmit AuthnRequest
authnReqBuilder.buildAuthnRequest(pendingReq, authnReqConfig , response);
diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/Utils.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/Utils.java
index 0de1a9df2..f58ca4743 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/Utils.java
+++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/Utils.java
@@ -9,14 +9,24 @@ import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.auth.modules.eidproxyauth.EIDProxyAuthConstants;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
public class Utils {
+ public static final String CONFIG_PROP_EID_APPREG_ID_LAYOUT_V2 =
+ "modules.eidproxyauth.appreg.id.layout.v2";
+
public static final String PARAM_APPREG_SP_ID = "?sp=";
- public static String getEidSystemApplicationId(ISPConfiguration spConfiguration, String authUrl) {
+ public static final String PARAM_PROTOCOL_SAML1 = "/saml1";
+ public static final String PARAM_PROTOCOL_SAML2 = "/saml2";
+ public static final String PARAM_PROTOCOL_OIDC = "/oidc";
+
+ public static String getEidSystemApplicationId(ISPConfiguration spConfiguration, String authUrl,
+ IConfiguration authConfig) {
StringBuilder builder = new StringBuilder();
if (authUrl.endsWith("/")) {
builder.append(authUrl.substring(0, authUrl.length() - 1));
@@ -25,13 +35,43 @@ public class Utils {
builder.append(authUrl);
}
+
+ if (authConfig.getBasicConfigurationBoolean(Utils.CONFIG_PROP_EID_APPREG_ID_LAYOUT_V2, true)) {
+ builder.append(selectProtocolFromSpConfig(spConfiguration));
+
+ }
builder.append(PARAM_APPREG_SP_ID);
builder.append(spConfiguration.getUniqueIdentifier());
return builder.toString();
}
- public static String getEIDSystemEntityId(ISPConfiguration spConfiguration, IConfiguration authConfig) {
+ private static String selectProtocolFromSpConfig(ISPConfiguration spConfiguration) {
+ if (spConfiguration instanceof IOAAuthParameters) {
+ IOAAuthParameters spConf = (IOAAuthParameters) spConfiguration;
+ if (MiscUtil.isNotEmpty(
+ spConf.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL))) {
+ Logger.debug("SP: " + spConf.getUniqueIdentifier() + " marked as: " + PARAM_PROTOCOL_SAML2);
+ return PARAM_PROTOCOL_SAML2;
+
+ } else if (MiscUtil.isNotEmpty(
+ spConf.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL))) {
+ Logger.debug("SP: " + spConf.getUniqueIdentifier() + " marked as: " + PARAM_PROTOCOL_OIDC);
+ return PARAM_PROTOCOL_OIDC;
+
+ }
+
+ } else {
+ Logger.warn("Can NOT estimate type of SPConfiguration. Use SAML1 as default");
+
+ }
+
+ Logger.debug("SP: " + spConfiguration.getUniqueIdentifier() + " marked as: " + PARAM_PROTOCOL_SAML1);
+ return PARAM_PROTOCOL_SAML1;
+
+ }
+
+ public static String getEIDSystemEntityId(ISPConfiguration spConfiguration, IConfiguration authConfig) {
//load from service-provider configuration
String msNodeEntityID = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_EXTERNAL_EID_SYSTEM_SERVICE_URL);
@@ -59,4 +99,5 @@ public class Utils {
return msNodeEntityID;
}
+
}