refactor PVP implementation to share code with PVP Service-Provider moduls

4 files changed, 39 insertions, 65 deletions

diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
index 416445fa6..34ab0eaba 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
@@ -29,6 +29,9 @@ import java.util.Map;
 import javax.servlet.http.HttpServletRequest;
 
 import org.opensaml.saml2.core.Attribute;
+import org.springframework.beans.factory.config.BeanDefinition;
+import org.springframework.context.annotation.Scope;
+import org.springframework.stereotype.Component;
 
 import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
 import at.gv.egovernment.moa.id.config.ConfigurationException;
@@ -43,18 +46,18 @@ import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception;
 import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20ResponseTypeException;
 import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20WrongParameterException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AttributQueryBuilder;
 import at.gv.egovernment.moa.logging.Logger;
 
+@Component("OAuth20AuthRequest")
+@Scope(value = BeanDefinition.SCOPE_PROTOTYPE)
 public class OAuth20AuthRequest extends OAuth20BaseRequest {
 	
 	/**
 	 * @param req
 	 * @throws ConfigurationException
 	 */
-	public OAuth20AuthRequest(HttpServletRequest req)
-			throws ConfigurationException {
-		super(req);
+	public OAuth20AuthRequest()  {
+		super();
 				
 		//AuthnRequest needs authentication
 		this.setNeedAuthentication(true);
@@ -236,6 +239,6 @@ public class OAuth20AuthRequest extends OAuth20BaseRequest {
 			}
 		}
 		
-		return AttributQueryBuilder.buildSAML2AttributeList(this.getOnlineApplicationConfiguration(), reqAttr.keySet().iterator());
+		return attributQueryBuilder.buildSAML2AttributeList(this.getOnlineApplicationConfiguration(), reqAttr.keySet().iterator());
 	}
 }
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
index 5906964a4..4eae5ac3b 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
@@ -38,7 +38,6 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.moduls.RequestImpl;
 import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
 import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception;
-import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20InvalidRequestException;
 import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20OANotSupportedException;
 import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20WrongParameterException;
 import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
@@ -49,11 +48,7 @@ abstract class OAuth20BaseRequest extends RequestImpl {
 	private static final long serialVersionUID = 1L;
 	
 	protected Set<String> allowedParameters = new HashSet<String>();
-	
-	public OAuth20BaseRequest(HttpServletRequest req) throws ConfigurationException {
-		super(req);
-	}
-	
+		
 	protected String getParam(final HttpServletRequest request, final String name, final boolean isNeeded) throws OAuth20Exception {
 		String param = request.getParameter(name);
 		Logger.debug("Reading param " + name + " from HttpServletRequest with value " + param);
@@ -119,28 +114,4 @@ abstract class OAuth20BaseRequest extends RequestImpl {
 	
 	protected abstract void populateSpecialParameters(final HttpServletRequest request) throws OAuth20Exception;
 	
-	public static OAuth20BaseRequest newInstance(final String action, final HttpServletRequest request) throws OAuth20Exception {
-		OAuth20BaseRequest res;
-		try {
-			if (action.equals(OAuth20Protocol.AUTH_ACTION)) {
-				res = new OAuth20AuthRequest(request);
-			
-			} else if (action.equals(OAuth20Protocol.TOKEN_ACTION)) {
-				res = new OAuth20TokenRequest(request);
-			
-			} else {
-				throw new OAuth20InvalidRequestException();
-			}
-			
-		} catch (ConfigurationException e) {
-			Logger.warn(e.getMessage());
-			throw new OAuth20InvalidRequestException();
-			
-		}
-		
-		res.setModule(OAuth20Protocol.NAME);
-		
-		res.populateParameters(request);
-		return res;
-	}
 }
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
index 20fe71518..b88365e39 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
@@ -74,8 +74,17 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController {
 			
 		}
 		
-		//PreProcess
-		IRequest pendingReq = preProcess(req, resp, AUTH_ACTION);
+		OAuth20AuthRequest pendingReq = applicationContext.getBean(OAuth20AuthRequest.class);
+		try {			
+			pendingReq.initialize(req);
+			pendingReq.setModule(OAuth20Protocol.NAME);		
+			pendingReq.populateParameters(req);
+			
+		} catch (OAuth20Exception e) {
+			Logger.info("OpenID-Connect request has a validation error: " + e.getMessage());
+			throw new InvalidProtocolRequestException(e.getMessage(), null);
+			
+		}
 		
 		revisionsLogger.logEvent(MOAIDEventConstants.SESSION_CREATED, pendingReq.getUniqueSessionIdentifier());
 		revisionsLogger.logEvent(MOAIDEventConstants.TRANSACTION_CREATED, pendingReq.getUniqueTransactionIdentifier());						
@@ -99,9 +108,18 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController {
 			
 		}
 		
-		//PreProcess
-		IRequest pendingReq = preProcess(req, resp, TOKEN_ACTION);
-		
+		OAuth20TokenRequest pendingReq = applicationContext.getBean(OAuth20TokenRequest.class);
+		try {			
+			pendingReq.initialize(req);
+			pendingReq.setModule(OAuth20Protocol.NAME);		
+			pendingReq.populateParameters(req);
+			
+		} catch (OAuth20Exception e) {
+			Logger.info("OpenID-Connect request has a validation error: " + e.getMessage());
+			throw new InvalidProtocolRequestException(e.getMessage(), null);
+			
+		}
+				
 		revisionsLogger.logEvent(MOAIDEventConstants.SESSION_CREATED, pendingReq.getUniqueSessionIdentifier());
 		revisionsLogger.logEvent(MOAIDEventConstants.TRANSACTION_CREATED, pendingReq.getUniqueTransactionIdentifier());						
 		revisionsLogger.logEvent(
@@ -114,28 +132,7 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController {
 		performAuthentication(req, resp, (RequestImpl)pendingReq);
 		
 	}
-	
-	/*
-	 * (non-Javadoc)
-	 * @see
-	 * at.gv.egovernment.moa.id.moduls.IModulInfo#preProcess(javax.servlet.http.HttpServletRequest,
-	 * javax.servlet.http.HttpServletResponse, java.lang.String)
-	 */
-	public IRequest preProcess(HttpServletRequest request, HttpServletResponse resp, String action) throws MOAIDException {
-		// validation is done inside creation
 		
-		try {
-			OAuth20BaseRequest res = OAuth20BaseRequest.newInstance(action, request);
-			Logger.debug("Created: " + res);
-			return res;
-			
-		} catch (OAuth20Exception e) {
-			Logger.info("OpenID-Connect request has a validation error: " + e.getMessage());
-			throw new InvalidProtocolRequestException(e.getMessage(), null);
-			
-		}
-	}
-	
 	/*
 	 * (non-Javadoc)
 	 * @see
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
index 9b0ee099e..3fad5d83e 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
@@ -27,6 +27,9 @@ import java.util.List;
 import javax.servlet.http.HttpServletRequest;
 
 import org.opensaml.saml2.core.Attribute;
+import org.springframework.beans.factory.config.BeanDefinition;
+import org.springframework.context.annotation.Scope;
+import org.springframework.stereotype.Component;
 
 import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
 import at.gv.egovernment.moa.id.config.ConfigurationException;
@@ -39,16 +42,16 @@ import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20InvalidGrant
 import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20WrongParameterException;
 import at.gv.egovernment.moa.logging.Logger;
 
+@Component("OAuth20TokenRequest")
+@Scope(value = BeanDefinition.SCOPE_PROTOTYPE)
 class OAuth20TokenRequest extends OAuth20BaseRequest {
 	
 	/**
 	 * @param req
 	 * @throws ConfigurationException
 	 */
-	public OAuth20TokenRequest(HttpServletRequest req)
-			throws ConfigurationException {
-		super(req);
-		
+	public OAuth20TokenRequest() {
+		super();
 		//AuthnRequest needs authentication
 		this.setNeedAuthentication(false);