| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-02-24 06:37:18 +0100 | 
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-02-24 06:37:18 +0100 | 
| commit | 00bda730737cfc41794fb82eadf11175f4e0ce70 (patch) | |
| tree | d898b7de88454f929de12995dc8c988cff958579 /id/server/modules/moa-id-module-eIDAS/src | |
| parent | f981c4104724a916d937a0a903e16f5e7da7e4df (diff) | |
| parent | beb1b84572d38646d9b55a7014484e5d1cd38eab (diff) | |
Merge remote-tracking branch 'remotes/origin/eSense_eIDAS_development' into moa-id-3.2_(OPB)
Diffstat (limited to 'id/server/modules/moa-id-module-eIDAS/src')
3 files changed, 34 insertions, 1 deletions
| diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/Constants.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/Constants.java
index d1de2e96b..909b29fab 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/Constants.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/Constants.java
@@ -39,7 +39,7 @@ public class Constants {
 	//default implementations for eIDAS SAML-engine functionality
 	public static final String SAML_SIGNING_IMPLENTATION = "eu.eidas.auth.engine.core.impl.SignSW";
-	public static final String SAML_ENCRYPTION_IMPLENTATION = "eu.eidas.auth.engine.core.impl.EncryptionSW";
+	public static final String SAML_ENCRYPTION_IMPLENTATION = "at.gv.egovernment.moa.id.auth.modules.eidas.config.ModifiedEncryptionSW";
 	//configuration property keys
 	public static final String CONIG_PROPS_EIDAS_PREFIX="moa.id.protocols.eIDAS";
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java
new file mode 100644
index 000000000..bdd8c8e72
--- /dev/null
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/ModifiedEncryptionSW.java
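Review bot: In Constants.java, `SAML_ENCRYPTION_IMPLENTATION` now names a class of this module as a hard-coded string, so renaming or moving `ModifiedEncryptionSW` will not be caught by the compiler. If the engine instantiates the class by name (not visible here), the mistake would only surface at runtime. The context comment `//default implementations for eIDAS SAML-engine functionality` no longer fits, because the value is MOA-ID's own subclass rather than the library default. I would add a line such as `// MOA-ID override: response encryption is decided per country by ModifiedEncryptionSW`, so a reader sees that encryption can now be switched off by configuration.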
@@ -0,0 +1,29 @@
+package at.gv.egovernment.moa.id.auth.modules.eidas.config;
+
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
+import at.gv.egovernment.moa.logging.Logger;
+import eu.eidas.auth.engine.core.impl.EncryptionSW;
+
+/**
+ * This encryption module asks the moa configuration on whether to encrypt the response or not. In doubt, encryption is enforced.
+ */
+public class ModifiedEncryptionSW extends EncryptionSW {
+
+	@Override
+	public boolean isEncryptionEnable(String countryCode) {
+		// - encrypt if so configured
+		try {
+			AuthConfiguration moaconfig = AuthConfigurationProviderFactory.getInstance();
+			Boolean useEncryption = moaconfig.getStorkConfig().getCPEPS(countryCode).isXMLSignatureSupported();
+			Logger.info(useEncryption ? "using encryption" : "do not use encrpytion");
+			return useEncryption;
+		} catch(NullPointerException | ConfigurationException e) {
+			Logger.warn("failed to gather information about encryption for countryCode " + countryCode + " - thus, enabling encryption");
+			if(Logger.isDebugEnabled())
+				e.printStackTrace();
+			return true;
+		}
+	}
+}
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java
index 0702c34d5..d75d4b1b9 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java
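Review bot: `isEncryptionEnable` takes its decision from `getCPEPS(countryCode).isXMLSignatureSupported()`, a flag whose name refers to signatures, so setting it to false for a country turns SAML response encryption off without the configuration saying so. If the reuse is intended, a comment such as `// NOTE: the C-PEPS "XML signature supported" flag is reused as the eIDAS encryption switch` belongs above that line; a dedicated configuration key would be the cleaner fix. The unknown-country case is handled by catching `NullPointerException`, which also hides unrelated null bugs; an explicit null check on the `getCPEPS` result with the same `return true` keeps the fail-closed default. The info message should name the country, e.g. `Logger.info("eIDAS response encryption for " + countryCode + ": " + useEncryption);`, and the stack trace should go through the project Logger rather than `e.printStackTrace()`.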
@@ -118,6 +118,10 @@ public class eIDASAuthenticationRequest implements IAction {
 		try {
 			EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine();
+			// encryption is done by the SamlEngine, i.e. by the module we provide in the config
+			// but we need to set the appropriate request issuer
+			engine.setRequestIssuer(eidasRequest.getEidasRequest().getIssuer());
+
 			// check if we have the destination available, supply it if not
 			if(null == eidasRequest.getEidasRequest().getAssertionConsumerServiceURL()) {
 				String assertionConsumerUrl = MetadataUtil.getAssertionUrlFromMetadata( |
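Review bot: `engine.setRequestIssuer(...)` receives `eidasRequest.getEidasRequest().getIssuer()` with no null or empty check in this hunk, and going by the added comment that value determines for whom the engine encrypts the response. If the issuer is not already validated against trusted metadata earlier in the flow (not visible here), it should be checked before this call, and a missing issuer should abort with an explicit error rather than reach the engine. A comment stating where the issuer was authenticated would help, e.g. `// issuer was verified against the eIDAS metadata in <validation step>`. The enclosing method starts and ends outside the hunk.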
