move authentication protocol implementation to separate modules.

authentication protocol modules are loaded by SPI now.

1 files changed, 157 insertions, 0 deletions

diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
new file mode 100644
index 000000000..6bebe5a6a
--- /dev/null
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
@@ -0,0 +1,157 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.protocols.oauth20.protocol;
+
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.opensaml.saml2.core.Attribute;
+
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
+import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20AccessDeniedException;
+import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception;
+import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20InvalidGrantException;
+import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20WrongParameterException;
+import at.gv.egovernment.moa.logging.Logger;
+
+class OAuth20TokenRequest extends OAuth20BaseRequest {
+	
+	private static final long serialVersionUID = 1L;
+	
+	private String code;
+	private String grantType;
+	private String clientID;
+	private String clientSecret;
+	
+	/**
+	 * @return the code
+	 */
+	public String getCode() {
+		return code;
+	}
+	
+	/**
+	 * @param code
+	 *            the code to set
+	 */
+	public void setCode(String code) {
+		this.code = code;
+	}
+	
+	/**
+	 * @return the grantType
+	 */
+	public String getGrantType() {
+		return grantType;
+	}
+	
+	/**
+	 * @param grantType
+	 *            the grantType to set
+	 */
+	public void setGrantType(String grantType) {
+		this.grantType = grantType;
+	}
+	
+	/**
+	 * @return the clientID
+	 */
+	public String getClientID() {
+		return clientID;
+	}
+	
+	/**
+	 * @param clientID
+	 *            the clientID to set
+	 */
+	public void setClientID(String clientID) {
+		this.clientID = clientID;
+	}
+	
+	/**
+	 * @return the clientSecret
+	 */
+	public String getClientSecret() {
+		return clientSecret;
+	}
+	
+	/**
+	 * @param clientSecret
+	 *            the clientSecret to set
+	 */
+	public void setClientSecret(String clientSecret) {
+		this.clientSecret = clientSecret;
+	}
+	
+	@Override
+	protected void populateSpecialParameters(HttpServletRequest request) throws OAuth20Exception {
+		this.setCode(this.getParam(request, OAuth20Constants.RESPONSE_CODE, true));
+		this.setGrantType(this.getParam(request, OAuth20Constants.PARAM_GRANT_TYPE, true));
+		this.setClientID(this.getParam(request, OAuth20Constants.PARAM_CLIENT_ID, true));
+		this.setClientSecret(this.getParam(request, OAuth20Constants.PARAM_CLIENT_SECRET, true));
+		
+		// check for grant type
+		if (!this.getGrantType().equals(OAuth20Constants.PARAM_GRANT_TYPE_VALUE_AUTHORIZATION_CODE)) {
+			throw new OAuth20InvalidGrantException();
+		}
+		
+		// check if client id and secret are ok
+		try {
+			// OAOAUTH20 cannot be null at this point. check was done in base request
+			OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL());
+			
+			if (!this.getClientID().equals(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID))) {
+				throw new OAuth20AccessDeniedException();
+			}
+			
+			if (!this.getClientSecret().equals(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTSECRET))) {
+				throw new OAuth20AccessDeniedException();
+			}
+			
+			this.setOnlineApplicationConfiguration(oaParam);
+			
+		}
+		catch (ConfigurationException e) {
+			throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID);
+		}
+		
+		Logger.info("Dispatch OpenIDConnect TokenRequest: ClientID=" + this.clientID);
+		
+		//add valid parameters
+		this.allowedParameters.add(OAuth20Constants.PARAM_SCOPE);
+		this.allowedParameters.add(OAuth20Constants.PARAM_REDIRECT_URI);
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes()
+	 */
+	@Override
+	public List<Attribute> getRequestedAttributes() {
+		return null;
+	}
+}