aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-module-sl20_authentication/src/main
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2018-06-25 13:22:20 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2018-06-25 13:22:20 +0200
commit30e324851d67bd900471457e3c30a19b4073ec77 (patch)
tree26dc86ca4bee05522dd2eff7ea5dfcbe626d68af /id/server/modules/moa-id-module-sl20_authentication/src/main
parent55f71502a0b62624d5ebc0e4aa749b3f5d5a0bf2 (diff)
downloadmoa-id-spss-30e324851d67bd900471457e3c30a19b4073ec77.tar.gz
moa-id-spss-30e324851d67bd900471457e3c30a19b4073ec77.tar.bz2
moa-id-spss-30e324851d67bd900471457e3c30a19b4073ec77.zip
add SP specific configuration for SL2.0
Diffstat (limited to 'id/server/modules/moa-id-module-sl20_authentication/src/main')
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/Constants.java5
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java43
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java37
3 files changed, 52 insertions, 33 deletions
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/Constants.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/Constants.java
index 9fcb3aa58..f474461bf 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/Constants.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/Constants.java
@@ -6,7 +6,8 @@ public class Constants {
public static final String HTTP_ENDPOINT_RESUME = "/sl20/resume";
public static final String CONFIG_PROP_PREFIX = "modules.sl20";
- public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT = CONFIG_PROP_PREFIX + ".vda.urls.qualeID.endpoint";
+ public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID = CONFIG_PROP_PREFIX + ".vda.urls.qualeID.endpoint.";
+ public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT = "default";
public static final String CONFIG_PROP_VDA_AUTHBLOCK_ID = CONFIG_PROP_PREFIX + ".vda.authblock.id";
public static final String CONFIG_PROP_VDA_AUTHBLOCK_TRANSFORMATION_ID = CONFIG_PROP_PREFIX + ".vda.authblock.transformation.id";
public static final String CONFIG_PROP_SECURITY_KEYSTORE_PATH = CONFIG_PROP_PREFIX + ".security.keystore.path";
@@ -16,7 +17,7 @@ public class Constants {
public static final String CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_ALIAS = CONFIG_PROP_PREFIX + ".security.encryption.alias";;
public static final String CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_PASSWORD = CONFIG_PROP_PREFIX + ".security.encryption.password";
- public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST = CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT + ".";
+ public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST = CONFIG_PROP_VDA_ENDPOINT_QUALeID;
public static final String CONFIG_PROP_SP_LIST = CONFIG_PROP_PREFIX + ".sp.entityIds.";
public static final String CONFIG_PROP_DISABLE_EID_VALIDATION = CONFIG_PROP_PREFIX + ".security.eID.validation.disable";
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
index 367e7b604..2c106b52e 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
@@ -27,15 +27,18 @@ import java.util.List;
import javax.annotation.PostConstruct;
-import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import at.gv.egovernment.moa.id.auth.modules.AuthModule;
import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20Constants;
+import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
/**
* @author tlenz
@@ -75,23 +78,43 @@ public class SL20AuthenticationModulImpl implements AuthModule {
*/
@Override
public String selectProcess(ExecutionContext context) {
+ Object spConfigObj = context.get(MOAIDAuthConstants.PROCESSCONTEXT_SP_CONFIG);
+ IOAAuthParameters spConfig = null;
+ if (spConfigObj != null && spConfigObj instanceof IOAAuthParameters)
+ spConfig = (IOAAuthParameters)spConfigObj;
+
String sl20ClientTypeHeader = (String) context.get(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE.toLowerCase());
String sl20VDATypeHeader = (String) context.get(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE.toLowerCase());
- if ( StringUtils.isNotBlank(sl20ClientTypeHeader)
-// && (
-// StringUtils.isNotBlank(sl20VDATypeHeader)
-// //&& VDA_TYPE_IDS.contains(sl20VDATypeHeader.trim())
-// )
- ) {
- Logger.trace(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE + "' header found");
+ if (spConfig != null &&
+ MiscUtil.isNotEmpty(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED)) &&
+ Boolean.valueOf(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED))) {
+ Logger.debug("SL2.0 is enabled for " + spConfig.getPublicURLPrefix());
+ Logger.trace(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE + ": " + sl20ClientTypeHeader);
+ Logger.trace(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE + ": " + sl20VDATypeHeader);
return "SL20Authentication";
} else {
- Logger.trace("No '" + SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE + "' header found");
+ Logger.trace("SL2.0 is NOT enabled for " + spConfig.getPublicURLPrefix());
return null;
- }
+ }
+
+
+// if ( StringUtils.isNotBlank(sl20ClientTypeHeader)
+//// && (
+//// StringUtils.isNotBlank(sl20VDATypeHeader)
+//// //&& VDA_TYPE_IDS.contains(sl20VDATypeHeader.trim())
+//// )
+// ) {
+// Logger.trace(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE + "' header found");
+// return "SL20Authentication";
+//
+// } else {
+// Logger.trace("No '" + SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE + "' header found");
+// return null;
+//
+// }
}
/* (non-Javadoc)
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
index b87d614c5..883ae07f2 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
@@ -39,7 +39,9 @@ import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20JSONExtractorUti
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.commons.utils.HttpClientWithProxySupport;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
import at.gv.egovernment.moa.id.util.SSLUtils;
@@ -202,30 +204,22 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
}
private String extractVDAURLForSpecificOA(IOAAuthParameters oaConfig, ExecutionContext executionContext) {
+ String spSpecificVDAEndpoints = oaConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS);
+ Map<String, String> endPointMap = authConfig.getBasicMOAIDConfigurationWithPrefix(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST);
+ if (MiscUtil.isNotEmpty(spSpecificVDAEndpoints)) {
+ endPointMap.putAll(KeyValueUtils.convertListToMap(
+ KeyValueUtils.getListOfCSVValues(
+ KeyValueUtils.normalizeCSVValueString(spSpecificVDAEndpoints))));
+ Logger.debug("Find OA specific SL2.0 endpoints. Updating endPoint list ... ");
+
+ }
+
+ Logger.trace("Find #" + endPointMap.size() + " SL2.0 endpoints ... ");
- //selection based on EntityID
-// Map<String, String> listOfVDAs = authConfig.getBasicMOAIDConfigurationWithPrefix(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST);
-// Map<String, String> listOfSPs = authConfig.getBasicMOAIDConfigurationWithPrefix(Constants.CONFIG_PROP_SP_LIST);
-//
-// for (Entry<String, String> el : listOfSPs.entrySet()) {
-// List<String> spEntityIds = KeyValueUtils.getListOfCSVValues(el.getValue());
-// if (spEntityIds.contains(oaConfig.getPublicURLPrefix())) {
-// Logger.trace("Select VDA endPoint with Id: " + el.getKey());
-// if (listOfVDAs.containsKey(el.getKey()))
-// return listOfVDAs.get(el.getKey());
-//
-// else
-// Logger.info("No VDA endPoint with Id: " + el.getKey());
-//
-// } else
-// Logger.trace("SP list: " + el.getKey() + " does not contain OAIdentifier: " + oaConfig.getPublicURLPrefix());
-//
-// }
-
//selection based on request Header
String sl20VDATypeHeader = (String) executionContext.get(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE.toLowerCase());
if (MiscUtil.isNotEmpty(sl20VDATypeHeader)) {
- String vdaURL = authConfig.getBasicMOAIDConfiguration(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST + sl20VDATypeHeader);
+ String vdaURL = endPointMap.get(sl20VDATypeHeader);
if (MiscUtil.isNotEmpty(vdaURL))
return vdaURL.trim();
@@ -235,7 +229,8 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
}
Logger.info("NO SP specific VDA endpoint found. Use default VDA");
- return authConfig.getBasicMOAIDConfiguration(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT);
+ return endPointMap.getOrDefault(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT,
+ Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID + Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT);
}