author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-03-01 10:13:50 +0100 |
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-03-01 10:13:50 +0100 |
commit | e9d885d2dbcfa2234bfa3b1db701c3956278624d (patch) | |
tree | e3e7a512633346f6c74bc267f721f052e5bd5245 /id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java | |
parent | 116263de6a4043fd217ea12f73f0b08db90f1935 (diff) | |
update SSO-transfer-modul for new mobile app
Diffstat (limited to 'id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java')
-rw-r--r-- | id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java | 209 |
1 files changed, 209 insertions, 0 deletions
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java
new file mode 100644
index 000000000..6deb8eb2b
--- /dev/null
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java
@@ -0,0 +1,209 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.elgamandates.utils;
+
+import java.util.List;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.saml2.metadata.EntitiesDescriptor;
+import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml2.metadata.RoleDescriptor;
+import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
+import org.opensaml.saml2.metadata.provider.MetadataFilter;
+import org.opensaml.saml2.metadata.provider.MetadataProviderException;
+import org.opensaml.xml.XMLObject;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants;
+import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
+import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.SimpleMOAMetadataProvider;
+import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.MOASPMetadataSignatureFilter;
+import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.SchemaValidationFilter;
+import at.gv.egovernment.moa.id.saml2.MetadataFilterChain;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+
+@Service("ELGAMandate_MetadataProvider")
+public class ELGAMandateServiceMetadataProvider extends SimpleMOAMetadataProvider {
+
+ @Autowired AuthConfiguration authConfig;
+
+ private HTTPMetadataProvider metadataProvider = null;
+
+ /* (non-Javadoc)
+ * @see org.opensaml.saml2.metadata.provider.MetadataProvider#requireValidMetadata()
+ */
+ @Override
+ public boolean requireValidMetadata() {
+ if (metadataProvider == null) {
+ Logger.fatal("ELGA Mandate-Service metadata-provider is not initialized");
+ return false;
+
+ } else
+ return metadataProvider.requireValidMetadata();
+ }
+
+ /* (non-Javadoc)
+ * @see org.opensaml.saml2.metadata.provider.MetadataProvider#setRequireValidMetadata(boolean)
+ */
+ @Override
+ public void setRequireValidMetadata(boolean requireValidMetadata) {
+ if (metadataProvider == null) {
+ Logger.fatal("ELGA Mandate-Service metadata-provider is not initialized");
+
+ } else
+ metadataProvider.setRequireValidMetadata(requireValidMetadata);;
+
+ }
+
+ /* (non-Javadoc)
+ * @see org.opensaml.saml2.metadata.provider.MetadataProvider#getMetadataFilter()
+ */
+ @Override
+ public MetadataFilter getMetadataFilter() {
+ if (metadataProvider == null) {
+ Logger.fatal("ELGA Mandate-Service metadata-provider is not initialized");
+ return null;
+
+ } else
+ return metadataProvider.getMetadataFilter();
+ }
+
+ /* (non-Javadoc)
+ * @see org.opensaml.saml2.metadata.provider.MetadataProvider#setMetadataFilter(org.opensaml.saml2.metadata.provider.MetadataFilter)
+ */
+ @Override
+ public void setMetadataFilter(MetadataFilter newFilter) throws MetadataProviderException {
+ Logger.fatal("Set Metadata Filter is not implemented her!");
+
+ }
+
+ /* (non-Javadoc)
+ * @see org.opensaml.saml2.metadata.provider.MetadataProvider#getMetadata()
+ */
+ @Override
+ public XMLObject getMetadata() throws MetadataProviderException {
+ if (metadataProvider == null) {
+ Logger.error("ELGA Mandate-Service metadata-provider is not initialized");
+ throw new MetadataProviderException("ELGA Mandate-Service metadata-provider is not initialized");
+
+ }
+
+ return metadataProvider.getMetadata();
+ }
+
+ /* (non-Javadoc)
+ * @see org.opensaml.saml2.metadata.provider.MetadataProvider#getEntitiesDescriptor(java.lang.String)
+ */
+ @Override
+ public EntitiesDescriptor getEntitiesDescriptor(String name) throws MetadataProviderException {
+ if (metadataProvider == null) {
+ Logger.fatal("ELGA Mandate-Service metadata-provider is not initialized");
+ throw new MetadataProviderException("ELGA Mandate-Service metadata-provider is not initialized");
+
+ } else
+ return metadataProvider.getEntitiesDescriptor(name);
+ }
+
+ /* (non-Javadoc)
+ * @see org.opensaml.saml2.metadata.provider.MetadataProvider#getEntityDescriptor(java.lang.String)
+ */
+ @Override
+ public EntityDescriptor getEntityDescriptor(String entityID) throws MetadataProviderException {
+ if (metadataProvider == null)
+ initialize(entityID);
+
+ try {
+ EntityDescriptor entityDesc = metadataProvider.getEntityDescriptor(entityID);
+ if (entityDesc == null) {
+ Logger.error("ELGA Mandate-Service Client ERROR: No EntityID with "+ entityID);
+ throw new MetadataProviderException("No EntityID with "+ entityID);
+ }
+
+ return entityDesc;
+
+ } catch (MetadataProviderException e) {
+ Logger.error("ELGA Mandate-Service Client ERROR: Metadata extraction FAILED.", e);
+ throw new MetadataProviderException("Metadata extraction FAILED", e);
+
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.opensaml.saml2.metadata.provider.MetadataProvider#getRole(java.lang.String, javax.xml.namespace.QName)
+ */
+ @Override
+ public List<RoleDescriptor> getRole(String entityID, QName roleName) throws MetadataProviderException {
+ if (metadataProvider == null)
+ initialize(entityID);
+
+ return metadataProvider.getRole(entityID, roleName);
+ }
+
+ /* (non-Javadoc)
+ * @see org.opensaml.saml2.metadata.provider.MetadataProvider#getRole(java.lang.String, javax.xml.namespace.QName, java.lang.String)
+ */
+ @Override
+ public RoleDescriptor getRole(String entityID, QName roleName, String supportedProtocol)
+ throws MetadataProviderException {
+ if (metadataProvider == null)
+ initialize(entityID);
+
+ return metadataProvider.getRole(entityID, roleName, supportedProtocol);
+ }
+
+ private void initialize(String entityID) throws MetadataProviderException {
+ Logger.info("Initialize PVP MetadataProvider to connect ELGA Mandate-Service");
+
+ String trustProfileID = authConfig.getBasicMOAIDConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_METADATA_TRUSTPROFILE);
+ if (MiscUtil.isEmpty(trustProfileID)) {
+ Logger.error("Create ELGA Mandate-Service Client FAILED: No trustProfileID to verify PVP metadata." );
+ throw new MetadataProviderException("No trustProfileID to verify PVP metadata.");
+ }
+
+ //create metadata validation filter chain
+ MetadataFilterChain filter = new MetadataFilterChain();
+ filter.addFilter(new SchemaValidationFilter(true));
+ filter.addFilter(new MOASPMetadataSignatureFilter(trustProfileID));
+
+ metadataProvider = createNewHTTPMetaDataProvider(entityID,
+ filter,
+ ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING);
+
+ metadataProvider.setRequireValidMetadata(true);
+
+
+ if (metadataProvider == null) {
+ Logger.error("Create ELGA Mandate-Service Client FAILED.");
+ throw new MetadataProviderException("Can not initialize ELGA Mandate-Service metadaa provider.");
+
+ }
+ }
+}
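Review bot: In `initialize`, `metadataProvider.setRequireValidMetadata(true);` is called before the `if (metadataProvider == null)` guard that follows it, so when `createNewHTTPMetaDataProvider` returns null the method dies with a NullPointerException and the intended `MetadataProviderException("Can not initialize ...")` is never thrown; move the null check directly after the `metadataProvider = createNewHTTPMetaDataProvider(...)` assignment and only then call `setRequireValidMetadata(true)`. The same lazy initialization in `getEntityDescriptor` and both `getRole` overloads is not synchronized although the class is a Spring `@Service` singleton, and it builds the provider from whichever `entityID` arrives first, so later calls with a different `entityID` are answered by that first provider — if `entityID` is the metadata URL here (presumably, given `createNewHTTPMetaDataProvider(entityID, ...)`), a `synchronized` guard plus a check that the cached provider matches the requested `entityID`, or documenting that exactly one mandate-service entity is expected, would make the intent explicit. The signature filter built from `trustProfileID` is what keeps a first-caller-controlled URL from injecting untrusted metadata, so that dependency deserves a comment at the `MOASPMetadataSignatureFilter` line. Minor: `setRequireValidMetadata` ends in a doubled `;;`, and the messages `"Set Metadata Filter is not implemented her!"` and `"... metadaa provider."` contain typos.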