diff options
author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-11-11 16:39:45 +0100 |
---|---|---|
committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-11-11 16:39:45 +0100 |
commit | aefcc63f0edc077f8381703f4be0c910a63c75cc (patch) | |
tree | ed004e73cf2bde07b6109350e28cb08d353f632a /id/server/modules/moa-id-module-E-ID_connector | |
parent | 4ccea26febcccf9611875ec54e68b262de7762bc (diff) | |
download | moa-id-spss-aefcc63f0edc077f8381703f4be0c910a63c75cc.tar.gz moa-id-spss-aefcc63f0edc077f8381703f4be0c910a63c75cc.tar.bz2 moa-id-spss-aefcc63f0edc077f8381703f4be0c910a63c75cc.zip |
update algorithm that generates unique identifiers for AppReg registration for E-ID Proxy mode
Diffstat (limited to 'id/server/modules/moa-id-module-E-ID_connector')
3 files changed, 45 insertions, 4 deletions
diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EidAppRegIdentifierGenerationController.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EidAppRegIdentifierGenerationController.java index 091feb7fc..1478a6f45 100644 --- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EidAppRegIdentifierGenerationController.java +++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EidAppRegIdentifierGenerationController.java @@ -87,7 +87,7 @@ public class EidAppRegIdentifierGenerationController extends AbstractController } - String appRegId = Utils.getEidSystemApplicationId(oaParam, authUrl); + String appRegId = Utils.getEidSystemApplicationId(oaParam, authUrl, authConfig); config.putCustomParameterWithOutEscaption(null, "appregId", appRegId); guiBuilder.build(req, resp, config, "AppReg Id generation GUI"); diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/tasks/CreateAuthnRequestTask.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/tasks/CreateAuthnRequestTask.java index 177103051..124377845 100644 --- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/tasks/CreateAuthnRequestTask.java +++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/tasks/CreateAuthnRequestTask.java @@ -113,7 +113,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask { authnReqConfig.setSignCred(credential.getIDPAssertionSigningCredential()); authnReqConfig.setSPEntityID(pendingReq.getAuthURL() + EIDProxyAuthConstants.ENDPOINT_METADATA); authnReqConfig.setScopeRequesterId( - Utils.getEidSystemApplicationId(pendingReq.getServiceProviderConfiguration(), pendingReq.getAuthURL())); + Utils.getEidSystemApplicationId(pendingReq.getServiceProviderConfiguration(), pendingReq.getAuthURL(), authConfig)); //build and transmit AuthnRequest authnReqBuilder.buildAuthnRequest(pendingReq, authnReqConfig , response); diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/Utils.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/Utils.java index 0de1a9df2..f58ca4743 100644 --- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/Utils.java +++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/Utils.java @@ -9,14 +9,24 @@ import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; import at.gv.egovernment.moa.id.auth.modules.eidproxyauth.EIDProxyAuthConstants; import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; public class Utils { + public static final String CONFIG_PROP_EID_APPREG_ID_LAYOUT_V2 = + "modules.eidproxyauth.appreg.id.layout.v2"; + public static final String PARAM_APPREG_SP_ID = "?sp="; - public static String getEidSystemApplicationId(ISPConfiguration spConfiguration, String authUrl) { + public static final String PARAM_PROTOCOL_SAML1 = "/saml1"; + public static final String PARAM_PROTOCOL_SAML2 = "/saml2"; + public static final String PARAM_PROTOCOL_OIDC = "/oidc"; + + public static String getEidSystemApplicationId(ISPConfiguration spConfiguration, String authUrl, + IConfiguration authConfig) { StringBuilder builder = new StringBuilder(); if (authUrl.endsWith("/")) { builder.append(authUrl.substring(0, authUrl.length() - 1)); @@ -25,13 +35,43 @@ public class Utils { builder.append(authUrl); } + + if (authConfig.getBasicConfigurationBoolean(Utils.CONFIG_PROP_EID_APPREG_ID_LAYOUT_V2, true)) { + builder.append(selectProtocolFromSpConfig(spConfiguration)); + + } builder.append(PARAM_APPREG_SP_ID); builder.append(spConfiguration.getUniqueIdentifier()); return builder.toString(); } - public static String getEIDSystemEntityId(ISPConfiguration spConfiguration, IConfiguration authConfig) { + private static String selectProtocolFromSpConfig(ISPConfiguration spConfiguration) { + if (spConfiguration instanceof IOAAuthParameters) { + IOAAuthParameters spConf = (IOAAuthParameters) spConfiguration; + if (MiscUtil.isNotEmpty( + spConf.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL))) { + Logger.debug("SP: " + spConf.getUniqueIdentifier() + " marked as: " + PARAM_PROTOCOL_SAML2); + return PARAM_PROTOCOL_SAML2; + + } else if (MiscUtil.isNotEmpty( + spConf.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL))) { + Logger.debug("SP: " + spConf.getUniqueIdentifier() + " marked as: " + PARAM_PROTOCOL_OIDC); + return PARAM_PROTOCOL_OIDC; + + } + + } else { + Logger.warn("Can NOT estimate type of SPConfiguration. Use SAML1 as default"); + + } + + Logger.debug("SP: " + spConfiguration.getUniqueIdentifier() + " marked as: " + PARAM_PROTOCOL_SAML1); + return PARAM_PROTOCOL_SAML1; + + } + + public static String getEIDSystemEntityId(ISPConfiguration spConfiguration, IConfiguration authConfig) { //load from service-provider configuration String msNodeEntityID = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_EXTERNAL_EID_SYSTEM_SERVICE_URL); @@ -59,4 +99,5 @@ public class Utils { return msNodeEntityID; } + } |