untested, but without dependency problems

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2018-06-14 16:30:49 +0200
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2018-06-14 16:30:49 +0200
commit: 6b38531ef2a829e3dab513ae8c679511a848421d (patch)
tree: d783a3e7cef0e5c0154e49766be2d56a52644894 /id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth
parent: 3b26a365d832d4b0664777d2c348606247022564 (diff)
download: moa-id-spss-6b38531ef2a829e3dab513ae8c679511a848421d.tar.gz
moa-id-spss-6b38531ef2a829e3dab513ae8c679511a848421d.tar.bz2
moa-id-spss-6b38531ef2a829e3dab513ae8c679511a848421d.zip
4 files changed, 34 insertions, 33 deletions
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
index 1b49c3969..a2b58931e 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
@@ -27,11 +27,11 @@ import javax.annotation.PostConstruct;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 
-import at.gv.egiz.eaaf.core.impl.idp.auth.AuthenticationManager;
-import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20Constants;
 import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
 import at.gv.egovernment.moa.logging.Logger;
 
 /**
@@ -46,8 +46,8 @@ public class SL20AuthenticationModulImpl implements AuthModule {
 	@Autowired(required=true) private AuthenticationManager authManager;
 	
 	@Override
-	public int getPriority() {
-		return priority;
+	public int getPriority() { 
+		return priority; 
 	}
 
 	/**
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java
index e0965c712..2766eab05 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java
@@ -29,6 +29,7 @@ import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SL20SecurityEx
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SLCommandoBuildException;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SLCommandoParserException;
 import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
 import at.gv.egovernment.moa.id.commons.utils.X509Utils;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.FileUtils;
@@ -226,34 +227,34 @@ public class JsonSecurityUtils implements IJOSETools{
 			return null;
 	}
 	
-	private String getKeyStoreFilePath() {
+	private String getKeyStoreFilePath() throws ConfigurationException {
 		return FileUtils.makeAbsoluteURL(
-					authConfig.getBasicMOAIDConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_PATH), 
+					authConfig.getBasicConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_PATH), 
 					authConfig.getRootConfigFileDir());
 	}
 	
 	private String getKeyStorePassword() {
-		return authConfig.getBasicMOAIDConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_PASSWORD).trim();
+		return authConfig.getBasicConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_PASSWORD).trim();
 
 	}
 	
 	private String getSigningKeyAlias() {
-		return authConfig.getBasicMOAIDConfiguration(
+		return authConfig.getBasicConfiguration(
 				Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_SIGN_ALIAS).trim();
 	}
 	
 	private String getSigningKeyPassword() {
-		return authConfig.getBasicMOAIDConfiguration(
+		return authConfig.getBasicConfiguration(
 				Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_SIGN_PASSWORD).trim();
 	}
 
 	private String getEncryptionKeyAlias() {
-		return authConfig.getBasicMOAIDConfiguration(
+		return authConfig.getBasicConfiguration(
 				Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_ALIAS).trim();
 	}
 	
 	private String getEncryptionKeyPassword() {
-		return authConfig.getBasicMOAIDConfiguration(
+		return authConfig.getBasicConfiguration(
 				Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_PASSWORD).trim();
 	}
 	
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
index 85ec1e213..77ccb0720 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
@@ -22,7 +22,8 @@ import org.springframework.stereotype.Component;
 
 import com.google.gson.JsonObject;
 
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
 import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
@@ -38,7 +39,6 @@ import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20JSONExtractorUti
 import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
 import at.gv.egovernment.moa.id.commons.utils.HttpClientWithProxySupport;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
 import at.gv.egovernment.moa.id.util.SSLUtils;
 import at.gv.egovernment.moa.util.MiscUtil;
 import at.gv.egovernment.moaspss.logging.Logger;
@@ -47,8 +47,9 @@ import at.gv.egovernment.moaspss.logging.Logger;
 public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
 
 	@Autowired(required=true) private IJOSETools joseTools;
+	@Autowired private AuthConfiguration moaAuthConfig;
 	
-	@Override
+	@Override 
 	public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
 			throws TaskExecutionException {
 			
@@ -56,17 +57,17 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
 
 			try {
 				//get service-provider configuration
-				IOAAuthParameters oaConfig = pendingReq.getOnlineApplicationConfiguration();
+				ISPConfiguration oaConfig = pendingReq.getServiceProviderConfiguration();
 				
 				//get basic configuration parameters
-				String vdaQualeIDUrl = authConfig.getBasicMOAIDConfiguration(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID);				
+				String vdaQualeIDUrl = authConfig.getBasicConfiguration(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID);				
 				if (MiscUtil.isEmpty(vdaQualeIDUrl)) {
 					Logger.error("NO VDA URL for qualified eID (" + Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID + ")");
 					throw new SL20Exception("sl20.03", new Object[]{"NO VDA URL for qualified eID"});
 					
 				}
 				
-				String authBlockId = authConfig.getBasicMOAIDConfiguration(Constants.CONFIG_PROP_VDA_AUTHBLOCK_ID);
+				String authBlockId = authConfig.getBasicConfiguration(Constants.CONFIG_PROP_VDA_AUTHBLOCK_ID);
 				if (MiscUtil.isEmpty(authBlockId)) {
 					Logger.error("NO AuthBlock Template identifier for qualified eID (" + Constants.CONFIG_PROP_VDA_AUTHBLOCK_ID + ")");
 					throw new SL20Exception("sl20.03", new Object[]{"NO AuthBlock Template identifier for qualified eID"});
@@ -75,11 +76,11 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
 				
 				//build DataURL for qualified eID response
 				String dataURL = new DataURLBuilder().buildDataURL(
-						pendingReq.getAuthURL(), Constants.HTTP_ENDPOINT_DATAURL, pendingReq.getRequestID());
+						pendingReq.getAuthURL(), Constants.HTTP_ENDPOINT_DATAURL, pendingReq.getPendingRequestId());
 				
 				//build qualifiedeID command
 				Map<String, String> qualifiedeIDParams = new HashMap<String, String>();
-				qualifiedeIDParams.put(SL20Constants.SL20_COMMAND_PARAM_EID_ATTRIBUTES_SPUNIQUEID, oaConfig.getPublicURLPrefix());
+				qualifiedeIDParams.put(SL20Constants.SL20_COMMAND_PARAM_EID_ATTRIBUTES_SPUNIQUEID, oaConfig.getUniqueIdentifier());
 				qualifiedeIDParams.put(SL20Constants.SL20_COMMAND_PARAM_EID_ATTRIBUTES_SPFRIENDLYNAME, oaConfig.getFriendlyName());			
 				//qualifiedeIDParams.put(SL20Constants.SL20_COMMAND_PARAM_EID_ATTRIBUTES_MANDATEREFVALUE, UUID.randomUUID().toString());
 
@@ -95,11 +96,11 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
 								
 				//open http client
 				SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(
-						authConfig,
+						moaAuthConfig,
 						vdaQualeIDUrl);
 				CloseableHttpClient httpClient = HttpClientWithProxySupport.getHttpClient(
 						sslFactory,
-						authConfig.getBasicMOAIDConfigurationBoolean(AuthConfiguration.PROP_KEY_OVS_SSL_HOSTNAME_VALIDATION, true));
+						moaAuthConfig.getBasicMOAIDConfigurationBoolean(AuthConfiguration.PROP_KEY_OVS_SSL_HOSTNAME_VALIDATION, true));
 				
 				//build post request
 				HttpPost httpReq = new HttpPost(new URIBuilder(vdaQualeIDUrl).build());								
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
index 2ad19e088..325e1906d 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
@@ -13,7 +13,6 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.http.entity.ContentType;
-import org.jose4j.keys.X509Util;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
@@ -22,12 +21,14 @@ import com.google.gson.JsonObject;
 import com.google.gson.JsonParser;
 import com.google.gson.JsonSyntaxException;
 
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
 import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
-import at.gv.egiz.eaaf.core.impl.utils.DateTimeUtils;
 import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.Constants;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.data.VerificationResult;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SL20Exception;
@@ -38,14 +39,11 @@ import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20Constants;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20JSONBuilderUtils;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20JSONExtractorUtils;
 import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
-import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
 import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.DateTimeUtils;
 import at.gv.egovernment.moa.util.MiscUtil;
 import at.gv.egovernment.moaspss.logging.Logger;
-import iaik.esi.sva.util.X509Utils;
-import iaik.utils.Util;
 
 @Component("ReceiveQualeIDTask")
 public class ReceiveQualeIDTask extends AbstractAuthServletTask {
@@ -55,7 +53,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
 	@Override
 	public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
 			throws TaskExecutionException {
-		
+		 
 		Logger.debug("Receiving SL2.0 response process .... ");
 		try {
 			//get SL2.0 command or result from HTTP request
@@ -131,7 +129,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
 				
 				
 				//add into session
-				defaultTaskInitialization(request, executionContext);
+				AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
 				moasession.setIdentityLink(new IdentityLinkAssertionParser(new ByteArrayInputStream(Base64Utils.decode(idlB64, false))).parseIdentityLink());
 				moasession.setBkuURL(ccsURL);
 				//TODO: from AuthBlock
@@ -143,13 +141,14 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
 				pendingReq.setAuthenticated(true);
 								
 				//store pending request
+				pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
 				requestStoreage.storePendingRequest(pendingReq);
 								
 				//create response 
 				Map<String, String> reqParameters = new HashMap<String, String>();
-				reqParameters.put(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, pendingReq.getRequestID());
+				reqParameters.put(EAAFConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID, pendingReq.getPendingRequestId());
 				JsonObject callReqParams = SL20JSONBuilderUtils.createCallCommandParameters(
-						new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), AbstractAuthProtocolModulController.FINALIZEPROTOCOL_ENDPOINT, null), 
+						new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), AbstractAuthProtocolModulController.ENDPOINT_FINALIZEPROTOCOL, null), 
 						SL20Constants.SL20_COMMAND_PARAM_GENERAL_CALL_METHOD_GET, 
 						false, 
 						reqParameters);
@@ -161,7 +160,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
 								
 				//build second redirect command for IDP
 				JsonObject redirectTwoParams = SL20JSONBuilderUtils.createRedirectCommandParameters(
-						new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), AbstractAuthProtocolModulController.FINALIZEPROTOCOL_ENDPOINT, null), 
+						new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), AbstractAuthProtocolModulController.ENDPOINT_FINALIZEPROTOCOL, null), 
 						redirectOneCommand, null, true);
 				JsonObject redirectTwoCommand = SL20JSONBuilderUtils.createCommand(SL20Constants.SL20_COMMAND_IDENTIFIER_REDIRECT, redirectTwoParams);
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2018-06-14 16:30:49 +0200
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2018-06-14 16:30:49 +0200
commit	6b38531ef2a829e3dab513ae8c679511a848421d (patch)
tree	d783a3e7cef0e5c0154e49766be2d56a52644894 /id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth
parent	3b26a365d832d4b0664777d2c348606247022564 (diff)
download	moa-id-spss-6b38531ef2a829e3dab513ae8c679511a848421d.tar.gz moa-id-spss-6b38531ef2a829e3dab513ae8c679511a848421d.tar.bz2 moa-id-spss-6b38531ef2a829e3dab513ae8c679511a848421d.zip