authorThomas Lenz <tlenz@iaik.tugraz.at>2016-03-23 15:16:19 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-03-23 15:16:19 +0100
commitdb813d7524890a60bbd13f60c9c448dc1ef6cfd6 (patch)
treea6ca0298c64970343c7841347c30a97d611136df /id/server/modules/moa-id-module-elga_mandate_service/src
parentb107abdc2655e62c5d11219f2b90a8e0a85bda91 (diff)
downloadmoa-id-spss-db813d7524890a60bbd13f60c9c448dc1ef6cfd6.tar.gz
moa-id-spss-db813d7524890a60bbd13f60c9c448dc1ef6cfd6.tar.bz2
moa-id-spss-db813d7524890a60bbd13f60c9c448dc1ef6cfd6.zip
add additional parameters to ELGA mandate-service client implementation
Diffstat (limited to 'id/server/modules/moa-id-module-elga_mandate_service/src')
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java7
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesMetadataConfiguration.java26
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesRequestBuilderConfiguration.java103
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java16
4 files changed, 139 insertions, 13 deletions
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java
index 60dd95338..7ca4590bb 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java
@@ -98,6 +98,13 @@ public class ELGAMandatesAuthConstants {
public static final String CONFIG_DEFAULT_QAA_STORK_LEVEL = "http://www.stork.gov.eu/1.0/citizenQAALevel/4";
public static final String CONFIG_DEFAULT_QAA_SECCLASS_LEVEL = "http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-3";
+ public static final String SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE = "rc";
+ public static final String SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE_URI = "http://egiz.gv.at/namespace/subjectconformationdate/elga";
+ public static final String SUBJECTCONFORMATIONDATE_ELEMENT_ROOT = SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE + ":Representative";
+ public static final String SUBJECTCONFORMATIONDATE_ELEMENT_FAMILYNAME = SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE + ":FamilyName";
+ public static final String SUBJECTCONFORMATIONDATE_ELEMENT_GIVENNAME = SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE + ":GivenName";
+ public static final String SUBJECTCONFORMATIONDATE_ELEMENT_DATEOFBIRTH = SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE + ":DateOfBirth";
+
public static List<String> getRequiredAttributeNames() {
List<String> list = new ArrayList<String>();
for (Pair<String, String> el : REQUIRED_PVP_ATTRIBUTES)
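Review bot: `SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE` holds the prefix `rc`, not a namespace; the namespace itself is in `SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE_URI`, so the name invites passing the prefix where a URI is expected. Renaming it to `SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE_PREFIX` would make the four derived qualified names easier to read. A one-line comment above the group should say that these are the prefix, URI and element names of the ELGA `Representative` structure. The spelling "ConformationDate" also differs from the SAML type `SubjectConfirmationData` imported elsewhere in this commit, which makes the constants harder to find by search.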
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesMetadataConfiguration.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesMetadataConfiguration.java
index 22cb22c6d..5743590f9 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesMetadataConfiguration.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesMetadataConfiguration.java
@@ -223,7 +223,8 @@ public class ELGAMandatesMetadataConfiguration implements IPVPMetadataBuilderCon
*/
@Override
public String getSPSLOPostBindingURL() {
- return authURL + ELGAMandatesAuthConstants.ENDPOINT_POST;
+ //return authURL + ELGAMandatesAuthConstants.ENDPOINT_POST;
+ return null;
}
/* (non-Javadoc)
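Review bot: `getSPSLOPostBindingURL()` now returns `null` and keeps the old statement as commented-out code, with nothing saying why single logout is no longer advertised; the same applies to `getSPSLORedirectBindingURL()` in the next hunk. Replace each dead line with a short comment stating the reason, for example `// no SLO endpoint is published for the ELGA mandate-service client` (wording to be confirmed by the author). The metadata builder that consumes this interface is not part of this diff, so it is worth confirming that it treats `null` as "omit the endpoint" rather than dereferencing it or emitting an empty location.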
@@ -231,7 +232,8 @@ public class ELGAMandatesMetadataConfiguration implements IPVPMetadataBuilderCon
*/
@Override
public String getSPSLORedirectBindingURL() {
- return authURL + ELGAMandatesAuthConstants.ENDPOINT_REDIRECT;
+ //return authURL + ELGAMandatesAuthConstants.ENDPOINT_REDIRECT;
+ return null;
}
/* (non-Javadoc)
@@ -288,4 +290,24 @@ public class ELGAMandatesMetadataConfiguration implements IPVPMetadataBuilderCon
public String getSPNameForLogging() {
return ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING;
}
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration#wantAssertionSigned()
+ */
+ @Override
+ public boolean wantAssertionSigned() {
+ return true;
+
+ }
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration#wantAuthnRequestSigned()
+ */
+ @Override
+ public boolean wantAuthnRequestSigned() {
+ return true;
+
+ }
}
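Review bot: `wantAssertionSigned()` and `wantAuthnRequestSigned()` belong to the metadata builder configuration, so returning `true` appears only to declare the requirement in published metadata, not to enforce it. The response handling for the mandate service is outside this diff; it should reject an unsigned assertion regardless of what the metadata says. A comment on both methods such as `// metadata declaration only; the signature itself is checked when the response is validated` would keep readers from relying on the flag. The blank line after each `return true;` can be removed.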
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesRequestBuilderConfiguration.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesRequestBuilderConfiguration.java
index 320c4fdc6..60025075f 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesRequestBuilderConfiguration.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesRequestBuilderConfiguration.java
@@ -22,13 +22,26 @@
*/
package at.gv.egovernment.moa.id.auth.modules.elgamandates.config;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.opensaml.Configuration;
import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.opensaml.saml2.core.NameID;
+import org.opensaml.saml2.core.SubjectConfirmation;
+import org.opensaml.saml2.core.SubjectConfirmationData;
import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.xml.io.Marshaller;
+import org.opensaml.xml.io.MarshallingException;
import org.opensaml.xml.security.credential.Credential;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation;
+import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
+import at.gv.egovernment.moa.logging.Logger;
/**
* @author tlenz
@@ -36,14 +49,15 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderCo
*/
public class ELGAMandatesRequestBuilderConfiguration implements IPVPAuthnRequestBuilderConfiguruation {
- private boolean isPassive;
- private String SPEntityID;
- private String QAA_Level;
- private EntityDescriptor idpEntity;
- private Credential signCred;
- private String subjectNameID;
- private String subjectNameIDQualifier;
- private String requestID;
+ private boolean isPassive = false;
+ private String SPEntityID = null;
+ private String QAA_Level = null;
+ private EntityDescriptor idpEntity = null;
+ private Credential signCred = null;
+ private String subjectNameID = null;
+ private String subjectNameIDQualifier = null;
+ private String requestID = null;
+ private Element subjectConformationDate = null;
/* (non-Javadoc)
@@ -216,8 +230,77 @@ public class ELGAMandatesRequestBuilderConfiguration implements IPVPAuthnRequest
public void setSubjectNameIDQualifier(String subjectNameIDQualifier) {
this.subjectNameIDQualifier = subjectNameIDQualifier;
}
-
-
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getSubjectConformationMethode()
+ */
+ @Override
+ public String getSubjectConformationMethode() {
+ return SubjectConfirmation.METHOD_BEARER;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getSubjectConformationDate()
+ */
+ @Override
+ public Element getSubjectConformationDate() {
+ return subjectConformationDate;
+ }
+
+ /**
+ * @param subjectConformationDate the subjectConformationDate to set
+ */
+ public void setSubjectConformationDate(String givenName, String familyName, String dateOfBirth) {
+ try {
+ SubjectConfirmationData subjectConformDate = SAML2Utils.createSAMLObject(SubjectConfirmationData.class);
+
+ DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+ dbf.setNamespaceAware(true);
+ DocumentBuilder builder = dbf.newDocumentBuilder();
+ Document doc = builder.newDocument();
+
+ Marshaller out = Configuration.getMarshallerFactory()
+ .getMarshaller(subjectConformDate);
+ out.marshall(subjectConformDate, doc);
+
+ //build root element
+ Element rootDom = doc.createElementNS(
+ ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE_URI,
+ ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_ROOT);
+ rootDom.setPrefix(ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE);
+ rootDom.setAttributeNS("http://www.w3.org/2000/xmlns/",
+ "xmlns:" + ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE,
+ ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE_URI);
+
+ //build personal information
+ Element familyNameDom = doc.createElement(ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_FAMILYNAME);
+ //familyNameDom.setPrefix(ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE);
+ familyNameDom.setTextContent(familyName);
+
+ Element givenNameDom = doc.createElement(ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_GIVENNAME);
+ //givenNameDom.setPrefix(ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE);
+ givenNameDom.setTextContent(givenName);
+
+ Element dateOfBirthDom = doc.createElement(ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_DATEOFBIRTH);
+ //dateOfBirthDom.setPrefix(ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE);
+ dateOfBirthDom.setTextContent(dateOfBirth);
+
+ //add information to root element
+ doc.getFirstChild().appendChild(rootDom);
+ rootDom.appendChild(givenNameDom);
+ rootDom.appendChild(familyNameDom);
+ rootDom.appendChild(dateOfBirthDom);
+
+ this.subjectConformationDate = doc.getDocumentElement();
+
+ } catch (ParserConfigurationException | MarshallingException e) {
+ Logger.error("Can not generate 'SubjectConformationDate' for "
+ + ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING);
+
+ }
+
+
+ }
+
}
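Review bot: The three child elements are created with `doc.createElement(...)` from a prefixed name, which yields DOM Level 1 nodes with no namespace URI, while the root is created with `createElementNS`. Namespace-aware consumers (signing, canonicalisation, validation at the receiver) may then not see `rc:FamilyName`, `rc:GivenName` and `rc:DateOfBirth` as members of the ELGA namespace, and the commented-out `setPrefix` calls are likely a symptom of this. Create the children with `createElementNS` and the namespace URI, and drop the commented-out lines. The catch block also discards the exception, so a failure leaves `subjectConformationDate` null with no cause in the log; pass `e` to the logger. The Javadoc names a parameter `subjectConformationDate` that the method does not have and should describe `givenName`, `familyName` and `dateOfBirth` instead.

```java
// … unchanged: marshalling of SubjectConfirmationData and creation of rootDom …
Element familyNameDom = doc.createElementNS(
        ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE_URI,
        ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_FAMILYNAME);
familyNameDom.setTextContent(familyName);

Element givenNameDom = doc.createElementNS(
        ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE_URI,
        ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_GIVENNAME);
givenNameDom.setTextContent(givenName);

Element dateOfBirthDom = doc.createElementNS(
        ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE_URI,
        ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_DATEOFBIRTH);
dateOfBirthDom.setTextContent(dateOfBirth);
// … unchanged: appending the children and assigning this.subjectConformationDate …
} catch (ParserConfigurationException | MarshallingException e) {
    // keep the cause so a failed build can be diagnosed from the log
    Logger.error("Can not generate 'SubjectConformationDate' for "
            + ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, e);
}
```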
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java
index 5d98eb46e..6a7858575 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java
@@ -122,7 +122,15 @@ public class RequestELGAMandateTask extends AbstractAuthServletTask {
}
}
-
+
+ //check if identityLink exists in moaSession DAO
+ if (moasession.getIdentityLink() == null) {
+ Logger.error("Connect ELGA Mandate-Service FAILED -> NO identityLink in moaSession DAO");
+ throw new MOAIDException("service.10",
+ new Object[]{ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, "NO identityLink in moaSession DAO."});
+
+ }
+
String sourcePinType = moasession.getIdentityLink().getIdentificationType();
String sourcePinValue = moasession.getIdentityLink().getIdentificationValue();
if (sourcePinType.startsWith(Constants.URN_PREFIX_BASEID)) {
@@ -152,6 +160,12 @@ public class RequestELGAMandateTask extends AbstractAuthServletTask {
PVPTargetConfiguration.DATAID_INTERFEDERATION_REQUESTID,
authnReqConfig.getRequestID());
+ //set SubjectConformationDate
+ authnReqConfig.setSubjectConformationDate(
+ moasession.getIdentityLink().getGivenName(),
+ moasession.getIdentityLink().getFamilyName(),
+ moasession.getIdentityLink().getDateOfBirth());
+
//store pending-request
requestStoreage.storePendingRequest(pendingReq);
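Review bot: `setSubjectConformationDate(...)` reports a failure only by logging, so this call site stores the pending request and carries on even when no representative data could be attached. Check the result before continuing, for example `if (authnReqConfig.getSubjectConformationDate() == null) throw new MOAIDException("service.10", new Object[]{ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, "SubjectConfirmationData could not be built."});`, mirroring the identity-link check added in the previous hunk. Given name, family name and date of birth now travel inside the AuthnRequest, so any logging of the serialized request (not visible here) should be reviewed for personal data. The enclosing method starts and ends outside the hunk.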