aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2018-06-14 16:30:49 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2018-06-14 16:30:49 +0200
commit6b38531ef2a829e3dab513ae8c679511a848421d (patch)
treed783a3e7cef0e5c0154e49766be2d56a52644894 /id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols
parent3b26a365d832d4b0664777d2c348606247022564 (diff)
downloadmoa-id-spss-6b38531ef2a829e3dab513ae8c679511a848421d.tar.gz
moa-id-spss-6b38531ef2a829e3dab513ae8c679511a848421d.tar.bz2
moa-id-spss-6b38531ef2a829e3dab513ae8c679511a848421d.zip
untested, but without dependency problems
Diffstat (limited to 'id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols')
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java11
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java26
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java12
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/IeIDASAttribute.java4
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrDateOfBirth.java4
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrFamilyName.java14
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrGivenName.java12
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrLegalPersonIdentifier.java39
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrNaturalPersonalIdentifier.java14
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeLegalPersonIdentifier.java46
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeNaturalPersonalIdentifier.java14
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java16
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/validator/eIDASResponseValidator.java3
13 files changed, 109 insertions, 106 deletions
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java
index 7d25af05a..a9a3ef01f 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java
@@ -1,8 +1,5 @@
package at.gv.egovernment.moa.id.protocols.eidas;
-import java.util.Collection;
-
-import org.opensaml.saml2.metadata.provider.MetadataProvider;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
@@ -30,13 +27,7 @@ public class EIDASData extends RequestImpl {
private String remoteIPAddress;
private String remoteRelayState;
-
- @Override
- public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) {
- // TODO Auto-generated method stub
- return null;
- }
-
+
/**
* Gets the eidas requested attributes.
*
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
index 8ed9e1f2e..ce5f4dc6b 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
@@ -45,8 +45,9 @@ import org.springframework.web.bind.annotation.RequestMethod;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
-import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider;
@@ -59,7 +60,6 @@ import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASException;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.MOAIDConstants;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -81,9 +81,11 @@ import eu.eidas.engine.exceptions.EIDASSAMLEngineException;
*
* @author tlenz
*/
-@Controller
+@Controller
public class EIDASProtocol extends AbstractAuthProtocolModulController implements IModulInfo {
+ public static final String eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE = "eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE";
+
public static final String NAME = EIDASProtocol.class.getName();
public static final String PATH = "eidas";
@@ -109,11 +111,11 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController implement
//eIDAS metadata end-point
@RequestMapping(value = "/eidas/metadata", method = {RequestMethod.GET})
- public void eIDASMetadataRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException {
+ public void eIDASMetadataRequest(HttpServletRequest req, HttpServletResponse resp) throws EAAFException {
//create pendingRequest object
EIDASData pendingReq = applicationContext.getBean(EIDASData.class);
- pendingReq.initialize(req);
+ pendingReq.initialize(req, authConfig);
pendingReq.setModule(NAME);
pendingReq.setNeedAuthentication(false);
pendingReq.setAuthenticated(false);
@@ -138,11 +140,11 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController implement
//PVP2.x IDP POST-Binding end-point
@RequestMapping(value = "/eidas/ColleagueRequest", method = {RequestMethod.POST})
- public void PVPIDPPostRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException {
+ public void PVPIDPPostRequest(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
//create pending-request object
EIDASData pendingReq = applicationContext.getBean(EIDASData.class);
- pendingReq.initialize(req);
+ pendingReq.initialize(req, authConfig);
pendingReq.setModule(NAME);
revisionsLogger.logEvent(MOAIDEventConstants.SESSION_CREATED, pendingReq.getUniqueSessionIdentifier());
@@ -192,7 +194,7 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController implement
ProtocolEngineI engine = SAMLEngineUtils.createSAMLEngine(eIDASMetadataProvider);
String cititzenCountryCode =
- authConfig.getBasicMOAIDConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE,
+ authConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE,
MOAIDAuthConstants.COUNTRYCODE_AUSTRIA);
@@ -222,7 +224,7 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController implement
}
//check eIDAS node configuration
- IOAAuthParameters oaConfig = authConfig.getOnlineApplicationParameter(samlReq.getIssuer());
+ ISPConfiguration oaConfig = authConfig.getServiceProviderConfiguration(samlReq.getIssuer());
if (oaConfig == null)
throw new EIDASAuthnRequestProcessingException("eIDAS.08", new Object[]{samlReq.getIssuer()});
@@ -347,7 +349,7 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController implement
pendingReq.setRemoteRelayState(relayState);
//store level of assurance
- pendingReq.setGenericDataToSession(RequestImpl.eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE,
+ pendingReq.setGenericDataToSession(eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE,
eIDASSamlReq.getEidasLevelOfAssurance().stringValue());
//set flag if transiend identifier is requested
@@ -364,7 +366,7 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController implement
pendingReq.setEidasRequest(eIDASSamlReq);
// - memorize OA url
- pendingReq.setOAURL(samlReq.getIssuer());
+ pendingReq.setSPEntityId(samlReq.getIssuer());
// - memorize OA config
pendingReq.setOnlineApplicationConfiguration(oaConfig);
@@ -487,7 +489,7 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController implement
private boolean iseIDASTargetAValidOrganisation(String reqCC, String bPKTargetArea) {
if (MiscUtil.isNotEmpty(reqCC)) {
List<String> allowedOrganisations = KeyValueUtils.getListOfCSVValues(
- authConfig.getBasicMOAIDConfiguration(Constants.CONFIG_PROPS_EIDAS_BPK_TARGET_PREFIX + reqCC.toLowerCase()));
+ authConfig.getBasicConfiguration(Constants.CONFIG_PROPS_EIDAS_BPK_TARGET_PREFIX + reqCC.toLowerCase()));
if (allowedOrganisations.contains(bPKTargetArea)) {
Logger.debug(bPKTargetArea + " is a valid OrganisationIdentifier for request-country: "+ reqCC);
return true;
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
index 5df905d31..bbd132a3b 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
@@ -28,10 +28,10 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Service;
-import at.gv.egiz.eaaf.core.api.IAction;
import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
-import at.gv.egiz.eaaf.core.api.data.SLOInformationInterface;
+import at.gv.egiz.eaaf.core.api.idp.IAction;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.slo.SLOInformationInterface;
import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider;
import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException;
@@ -56,7 +56,7 @@ import eu.eidas.engine.exceptions.EIDASSAMLEngineException;
*/
@Service("EidasMetaDataRequest")
public class EidasMetaDataRequest implements IAction {
-
+
@Autowired(required=true) MOAeIDASChainingMetadataProvider eIDASMetadataProvider;
@Autowired(required=true) AuthConfiguration authConfig;
@@ -136,7 +136,7 @@ public class EidasMetaDataRequest implements IAction {
metadataConfigBuilder.authnRequestsSigned(true);
metadataConfigBuilder.wantAssertionsSigned(true);
metadataConfigBuilder.assuranceLevel(
- authConfig.getBasicMOAIDConfiguration(
+ authConfig.getBasicConfiguration(
Constants.CONIG_PROPS_EIDAS_NODE_LoA,
MOAIDAuthConstants.eIDAS_LOA_HIGH));
@@ -172,7 +172,7 @@ public class EidasMetaDataRequest implements IAction {
if (pvpOrganisation != null) {
eu.eidas.auth.engine.metadata.OrganizationData.Builder organizationConfig = OrganizationData.builder();
organizationConfig.url(pvpOrganisation.getURLs().get(0).getURL().getLocalString());
- organizationConfig.name(authConfig.getBasicMOAIDConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRY, "Austria"));
+ organizationConfig.name(authConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRY, "Austria"));
//TODO: add display name and maybe update name
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/IeIDASAttribute.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/IeIDASAttribute.java
index 15060fb52..84b68f91a 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/IeIDASAttribute.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/IeIDASAttribute.java
@@ -22,12 +22,12 @@
*/
package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
/**
* @author tlenz
*
*/
-public interface IeIDASAttribute extends IAttributeBuilder{
+public interface IeIDASAttribute extends IAttributeBuilder{
}
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrDateOfBirth.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrDateOfBirth.java
index 64e5ae770..1f00af765 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrDateOfBirth.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrDateOfBirth.java
@@ -22,14 +22,14 @@
*/
package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.BirthdateAttributeBuilder;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.BirthdateAttributeBuilder;
/**
* @author tlenz
*
*/
public class eIDASAttrDateOfBirth extends BirthdateAttributeBuilder implements IeIDASAttribute {
-
+
@Override
public String getName() {
return eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.DATE_OF_BIRTH.getNameUri().toString();
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrFamilyName.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrFamilyName.java
index 6fde4696a..50b270765 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrFamilyName.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrFamilyName.java
@@ -22,10 +22,10 @@
*/
package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
/**
* @author tlenz
@@ -36,7 +36,7 @@ public class eIDASAttrFamilyName implements IeIDASAttribute{
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder#getName()
*/
- @Override
+ @Override
public String getName() {
return eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.CURRENT_FAMILY_NAME.getNameUri().toString();
}
@@ -45,8 +45,8 @@ public class eIDASAttrFamilyName implements IeIDASAttribute{
* @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder#build(at.gv.egovernment.moa.id.commons.api.IOAAuthParameters, at.gv.egovernment.moa.id.data.IAuthData, at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator)
*/
@Override
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
- throws AttributeException {
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
+ throws AttributeBuilderException {
return g.buildStringAttribute(null, getName(), authData.getFamilyName());
}
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrGivenName.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrGivenName.java
index 812e9f83a..3b83a9793 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrGivenName.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrGivenName.java
@@ -22,10 +22,10 @@
*/
package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
/**
* @author tlenz
@@ -45,8 +45,8 @@ public class eIDASAttrGivenName implements IeIDASAttribute{
* @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder#build(at.gv.egovernment.moa.id.commons.api.IOAAuthParameters, at.gv.egovernment.moa.id.data.IAuthData, at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator)
*/
@Override
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
- throws AttributeException {
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
+ throws AttributeBuilderException {
return g.buildStringAttribute(null, getName(), authData.getGivenName());
}
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrLegalPersonIdentifier.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrLegalPersonIdentifier.java
index 028be9096..7f18c21cb 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrLegalPersonIdentifier.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrLegalPersonIdentifier.java
@@ -22,11 +22,12 @@
*/
package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egovernment.moa.id.data.IMOAAuthData;
import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateLegalPersonSourcePinAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -38,24 +39,26 @@ import at.gv.egovernment.moa.util.MiscUtil;
public class eIDASAttrLegalPersonIdentifier extends MandateLegalPersonSourcePinAttributeBuilder implements IeIDASAttribute {
@Override
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData,
- IAttributeGenerator<ATT> g) throws AttributeException {
- if(authData.isUseMandate()) {
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+ IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+
+ if (authData instanceof IMOAAuthData) {
+ if(((IMOAAuthData)authData).isUseMandate()) {
- //extract eIDAS unique Id prefix from naturalPerson bPK identifier
- if (MiscUtil.isEmpty(authData.getBPKType())
+ //extract eIDAS unique Id prefix from naturalPerson bPK identifier
+ if (MiscUtil.isEmpty(authData.getBPKType())
|| !authData.getBPKType().startsWith(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS)) {
- Logger.error("BPKType is empty or does not start with eIDAS bPKType prefix! bPKType:" + authData.getBPKType());
- throw new AttributeException("Suspect bPKType for eIDAS identifier generation");
+ Logger.error("BPKType is empty or does not start with eIDAS bPKType prefix! bPKType:" + authData.getBPKType());
+ throw new AttributeBuilderException("Suspect bPKType for eIDAS identifier generation");
- }
-
- //add eIDAS eID prefix to legal person identifier
- String prefix = authData.getBPKType().substring(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS.length() + 1);
- String legalPersonID = prefix.replaceAll("\\+", "/") + "/" + getLegalPersonIdentifierFromMandate(authData);
- return g.buildStringAttribute(MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME,
- MANDATE_LEG_PER_SOURCE_PIN_NAME, legalPersonID);
+ }
+ //add eIDAS eID prefix to legal person identifier
+ String prefix = authData.getBPKType().substring(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS.length() + 1);
+ String legalPersonID = prefix.replaceAll("\\+", "/") + "/" + getLegalPersonIdentifierFromMandate(((IMOAAuthData)authData));
+ return g.buildStringAttribute(MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME,
+ MANDATE_LEG_PER_SOURCE_PIN_NAME, legalPersonID);
+ }
}
return null;
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrNaturalPersonalIdentifier.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrNaturalPersonalIdentifier.java
index f36f9298c..14b1d06b6 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrNaturalPersonalIdentifier.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrNaturalPersonalIdentifier.java
@@ -24,14 +24,14 @@ package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder;
import java.security.MessageDigest;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.eIDASAttributeProcessingUtils;
import at.gv.egovernment.moa.id.data.Trible;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
import at.gv.egovernment.moa.id.protocols.eidas.EIDASData;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -54,8 +54,8 @@ public class eIDASAttrNaturalPersonalIdentifier implements IeIDASAttribute{
* @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder#build(at.gv.egovernment.moa.id.commons.api.IOAAuthParameters, at.gv.egovernment.moa.id.data.IAuthData, at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator)
*/
@Override
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
- throws AttributeException {
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
+ throws AttributeBuilderException {
String personalID = authData.getBPK();
//generate eIDAS conform 'PersonalIdentifier' attribute
@@ -64,7 +64,7 @@ public class eIDASAttrNaturalPersonalIdentifier implements IeIDASAttribute{
if (MiscUtil.isEmpty(authData.getBPKType())
|| !authData.getBPKType().startsWith(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS)) {
Logger.error("BPKType is empty or does not start with eIDAS bPKType prefix! bPKType:" + authData.getBPKType());
- throw new AttributeException("Suspect bPKType for eIDAS identifier generation");
+ throw new AttributeBuilderException("Suspect bPKType for eIDAS identifier generation");
}
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeLegalPersonIdentifier.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeLegalPersonIdentifier.java
index 692896842..6c65872e4 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeLegalPersonIdentifier.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeLegalPersonIdentifier.java
@@ -22,11 +22,12 @@
*/
package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egovernment.moa.id.data.IMOAAuthData;
import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateLegalPersonSourcePinAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -37,24 +38,27 @@ import at.gv.egovernment.moa.util.MiscUtil;
public class eIDASAttrRepresentativeLegalPersonIdentifier extends MandateLegalPersonSourcePinAttributeBuilder implements IeIDASAttribute {
@Override
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData,
- IAttributeGenerator<ATT> g) throws AttributeException {
- if(authData.isUseMandate()) {
-
- //extract eIDAS unique Id prefix from naturalPerson bPK identifier
- if (MiscUtil.isEmpty(authData.getBPKType())
- || !authData.getBPKType().startsWith(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS)) {
- Logger.error("BPKType is empty or does not start with eIDAS bPKType prefix! bPKType:" + authData.getBPKType());
- throw new AttributeException("Suspect bPKType for eIDAS identifier generation");
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+ IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+
+ if (authData instanceof IMOAAuthData) {
+ if(((IMOAAuthData)authData).isUseMandate()) {
+
+ //extract eIDAS unique Id prefix from naturalPerson bPK identifier
+ if (MiscUtil.isEmpty(authData.getBPKType())
+ || !authData.getBPKType().startsWith(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS)) {
+ Logger.error("BPKType is empty or does not start with eIDAS bPKType prefix! bPKType:" + authData.getBPKType());
+ throw new AttributeBuilderException("Suspect bPKType for eIDAS identifier generation");
+
+ }
+
+ //add eIDAS eID prefix to legal person identifier
+ String prefix = authData.getBPKType().substring(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS.length() + 1);
+ String legalPersonID = prefix.replaceAll("\\+", "/") + "/" + getLegalPersonIdentifierFromMandate(((IMOAAuthData)authData));
+ return g.buildStringAttribute(MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME,
+ MANDATE_LEG_PER_SOURCE_PIN_NAME, legalPersonID);
- }
-
- //add eIDAS eID prefix to legal person identifier
- String prefix = authData.getBPKType().substring(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS.length() + 1);
- String legalPersonID = prefix.replaceAll("\\+", "/") + "/" + getLegalPersonIdentifierFromMandate(authData);
- return g.buildStringAttribute(MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME,
- MANDATE_LEG_PER_SOURCE_PIN_NAME, legalPersonID);
-
+ }
}
return null;
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeNaturalPersonalIdentifier.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeNaturalPersonalIdentifier.java
index 98915a562..6c3bfc569 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeNaturalPersonalIdentifier.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeNaturalPersonalIdentifier.java
@@ -24,16 +24,16 @@ package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder;
import java.security.MessageDigest;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.eIDASAttributeProcessingUtils;
import at.gv.egovernment.moa.id.data.Pair;
import at.gv.egovernment.moa.id.data.Trible;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateNaturalPersonBPKAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.eidas.EIDASData;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -56,8 +56,8 @@ public class eIDASAttrRepresentativeNaturalPersonalIdentifier extends MandateNat
* @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder#build(at.gv.egovernment.moa.id.commons.api.IOAAuthParameters, at.gv.egovernment.moa.id.data.IAuthData, at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator)
*/
@Override
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
- throws AttributeException {
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
+ throws AttributeBuilderException {
try {
Pair<String, String> calcResult = internalBPKGenerator(oaParam, authData);
@@ -71,7 +71,7 @@ public class eIDASAttrRepresentativeNaturalPersonalIdentifier extends MandateNat
if (MiscUtil.isEmpty(type)
|| !type.startsWith(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS)) {
Logger.error("BPKType is empty or does not start with eIDAS bPKType prefix! bPKType:" + authData.getBPKType());
- throw new AttributeException("Suspect bPKType for eIDAS identifier generation");
+ throw new AttributeBuilderException("Suspect bPKType for eIDAS identifier generation");
}
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java
index 509d4b71a..82d0facd4 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java
@@ -36,10 +36,10 @@ import org.springframework.stereotype.Service;
import com.google.common.collect.ImmutableSet;
-import at.gv.egiz.eaaf.core.api.IAction;
import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
-import at.gv.egiz.eaaf.core.api.data.SLOInformationInterface;
+import at.gv.egiz.eaaf.core.api.idp.IAction;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.slo.SLOInformationInterface;
import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger;
import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider;
import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
@@ -47,6 +47,7 @@ import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetada
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.eIDASAttributeBuilder;
import at.gv.egovernment.moa.id.commons.MOAIDConstants;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
+import at.gv.egovernment.moa.id.data.IMOAAuthData;
import at.gv.egovernment.moa.id.data.Pair;
import at.gv.egovernment.moa.id.data.SLOInformationImpl;
import at.gv.egovernment.moa.logging.Logger;
@@ -71,7 +72,7 @@ import eu.eidas.auth.engine.xml.opensaml.SAMLEngineUtils;
*/
@Service("eIDASAuthenticationRequest")
-public class eIDASAuthenticationRequest implements IAction {
+public class eIDASAuthenticationRequest implements IAction {
@Autowired protected IRevisionLogger revisionsLogger;
@Autowired(required=true) MOAeIDASChainingMetadataProvider eIDASMetadataProvider;
@@ -93,7 +94,8 @@ public class eIDASAuthenticationRequest implements IAction {
ImmutableAttributeMap reqAttributeList = (ImmutableAttributeMap) eidasRequest.getEidasRequestedAttributes();
//add mandate attr. to requested attributes of eMandates are used an no mandate attr. are requested
- if (authData.isUseMandate()) {
+ if (authData instanceof IMOAAuthData
+ && ((IMOAAuthData)authData).isUseMandate()) {
Logger.trace("eMandates are used. Starting eIDAS requsted attr. update process ....");
Builder reqAttrWithMandates = ImmutableAttributeMap.builder(reqAttributeList);
@@ -154,7 +156,7 @@ public class eIDASAuthenticationRequest implements IAction {
//add attributes
responseBuilder.attributes(eIDASAttrbutMap);
- //set success statuscode
+ //set success statuscode
responseBuilder.statusCode(StatusCode.SUCCESS_URI);
//build response
@@ -246,7 +248,7 @@ public class eIDASAuthenticationRequest implements IAction {
private void buildAndAddAttribute(ImmutableAttributeMap.Builder attrMapBuilder, AttributeDefinition<?> attr, IRequest req, IAuthData authData) throws MOAIDException {
Pair<AttributeDefinition<?>, ImmutableSet<AttributeValue<?>>> eIDASAttr = eIDASAttributeBuilder.buildAttribute(
- attr, req.getOnlineApplicationConfiguration(), authData);
+ attr, req.getServiceProviderConfiguration(), authData);
if(eIDASAttr == null) {
if (attr.isRequired()) {
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/validator/eIDASResponseValidator.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/validator/eIDASResponseValidator.java
index 48b438b09..24d24db2c 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/validator/eIDASResponseValidator.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/validator/eIDASResponseValidator.java
@@ -26,6 +26,7 @@ import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.eIDASAttributeProcessingUtils;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.data.Trible;
import at.gv.egovernment.moa.logging.Logger;
@@ -46,7 +47,7 @@ public class eIDASResponseValidator {
* validate received LoA against minimum required LoA |
*_____________________________________________________|
*/
- LevelOfAssurance reqLoA = LevelOfAssurance.fromString(pendingReq.getOnlineApplicationConfiguration().getQaaLevel());
+ LevelOfAssurance reqLoA = LevelOfAssurance.fromString(pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class).getQaaLevel());
LevelOfAssurance respLoA = LevelOfAssurance.fromString(samlResp.getLevelOfAssurance());
if (respLoA.numericValue() < reqLoA.numericValue()) {
Logger.error("eIDAS Response LevelOfAssurance is lower than the required! "