First untested part: Refactor authentication modules and process management to Spring

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2016-02-15 18:12:06 +0100
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2016-02-15 18:12:06 +0100
commit: 1b7401488933f031a68dfe929b25db86279b52d2 (patch)
tree: 5b6126d66845e97d962e080396b740b2935deb07 /id/server/modules/moa-id-modules-saml1
parent: ff8ae7727e4de105a1179288b129429a29bc07ca (diff)
download: moa-id-spss-1b7401488933f031a68dfe929b25db86279b52d2.tar.gz
moa-id-spss-1b7401488933f031a68dfe929b25db86279b52d2.tar.bz2
moa-id-spss-1b7401488933f031a68dfe929b25db86279b52d2.zip
4 files changed, 78 insertions, 80 deletions
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
index 7f3c353f1..b4c8c37d4 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
@@ -27,6 +27,9 @@ import java.util.List;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
 import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
 import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
@@ -43,8 +46,11 @@ import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.URLEncoder;
 import eu.eidas.auth.commons.IPersonalAttributeList;
 
+@Service("SAML1_GetArtifactAction")
 public class GetArtifactAction implements IAction {
 
+	@Autowired private SAML1AuthenticationServer saml1server;
+	
 	public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq,
 			HttpServletResponse httpResp, IAuthData obj) throws AuthenticationException {
 			
@@ -69,15 +75,13 @@ public class GetArtifactAction implements IAction {
 		try {
 			OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance()
 					.getOnlineApplicationParameter(oaURL);
-			
-			SAML1AuthenticationServer saml1server = SAML1AuthenticationServer.getInstace();
-						
+								
 			// add other stork attributes to MOA assertion if available
 			IPersonalAttributeList storkAttributes = authData.getGenericData(
 					AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, 
 					IPersonalAttributeList.class);
 			if(null != storkAttributes) {
-				List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = SAML1AuthenticationServer.addAdditionalSTORKAttributes(storkAttributes);
+				List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = saml1server.addAdditionalSTORKAttributes(storkAttributes);
 				authData.getExtendedSAMLAttributesOA().addAll(moaExtendedSAMLAttibutes);
 				Logger.info("MOA assertion assembled and SAML Artifact generated.");
 			}
@@ -88,7 +92,8 @@ public class GetArtifactAction implements IAction {
 				String url = req.getAuthURL() + "/RedirectServlet";
 				url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(oaURL, "UTF-8"));
 				if (!oaParam.getBusinessService())
-					url = addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET, URLEncoder.encode(req.getTarget(), "UTF-8"));
+					url = addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET, 
+							URLEncoder.encode(req.getGenericData(SAML1Protocol.REQ_DATA_TARGET, String.class), "UTF-8"));
 				url = addURLParameter(url, MOAIDAuthConstants.PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
 				url = httpResp.encodeRedirectURL(url);
 				
@@ -100,7 +105,7 @@ public class GetArtifactAction implements IAction {
 				String redirectURL = oaURL;		
 				if (!oaParam.getBusinessService()) {
 					redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_TARGET,
-					URLEncoder.encode(req.getTarget(), "UTF-8"));
+					URLEncoder.encode(req.getGenericData(SAML1Protocol.REQ_DATA_TARGET, String.class), "UTF-8"));
 
 				}
 				
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java
index 2b4aaf458..7e46e53fe 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java
@@ -54,7 +54,6 @@ import org.w3c.dom.Element;
 import org.w3c.dom.NodeList;
 
 import at.gv.egovernment.moa.id.auth.builder.SAMLResponseBuilder;
-import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.util.ErrorResponseUtils;
 import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
@@ -134,11 +133,14 @@ public class GetAuthenticationDataService implements Constants {
 					Element samlArtifactElem = (Element)samlArtifactList.item(0);
                     requestID = request.getAttribute("RequestID");
 					String samlArtifact = DOMUtils.getText(samlArtifactElem);
-					SAML1AuthenticationServer saml1server = SAML1AuthenticationServer.getInstace();
+					
+					
+					//SAML1AuthenticationServer saml1server = SAML1AuthenticationServer.getInstace();
 					
 					try {
-							
-						samlAssertion = saml1server.getSaml1AuthenticationData(samlArtifact);
+
+						samlAssertion = "Find a solution to integrate Axis 1 into Spring";
+						//samlAssertion = saml1server.getSaml1AuthenticationData(samlArtifact);
                         
 						// success
 						statusCode = "samlp:Success";
@@ -148,7 +150,8 @@ public class GetAuthenticationDataService implements Constants {
 					catch (ClassCastException ex) {
 					
 						try {
-							Throwable error = saml1server.getErrorResponse(samlArtifact);
+							//Throwable error = saml1server.getErrorResponse(samlArtifact);
+							Throwable error = new Exception("Find a solution to integrate Axis 1 into Spring");
 							statusCode = "samlp:Responder";
 							
 							ErrorResponseUtils errorUtils = ErrorResponseUtils.getInstance();
@@ -171,12 +174,12 @@ public class GetAuthenticationDataService implements Constants {
 						
 					}
 					
-					catch (AuthenticationException ex) {
-						//no authentication data for given SAML artifact
-						statusCode = "samlp:Requester";
-						subStatusCode = "samlp:ResourceNotRecognized";
-						statusMessage = ex.toString();
-					}
+//					catch (AuthenticationException ex) {
+//						//no authentication data for given SAML artifact
+//						statusCode = "samlp:Requester";
+//						subStatusCode = "samlp:ResourceNotRecognized";
+//						statusMessage = ex.toString();
+//					}
 				}
 			}
 	    catch (Throwable t) {
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index 5312d779c..1d06bb48a 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -35,6 +35,8 @@ import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.transform.TransformerException;
 
 import org.apache.commons.lang3.StringEscapeUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
 import org.w3c.dom.Element;
 import org.xml.sax.SAXException;
 
@@ -60,7 +62,7 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.config.auth.data.SAML1ConfigurationParameters;
 import at.gv.egovernment.moa.id.data.AuthenticationData;
 import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.storage.AssertionStorage;
+import at.gv.egovernment.moa.id.storage.ITransactionStorage;
 import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
@@ -77,19 +79,10 @@ import eu.eidas.auth.commons.IPersonalAttributeList;
 import eu.eidas.auth.commons.PersonalAttribute;
 //import at.gv.egovernment.moa.id.util.IdentityLinkReSigner;
 
+@Service("SAML1AuthenticationServer")
 public class SAML1AuthenticationServer extends AuthenticationServer {
-	
-	private static SAML1AuthenticationServer instance;
-	
-	public static SAML1AuthenticationServer getInstace() {
-		if (instance == null)
-			instance = new SAML1AuthenticationServer();
 		
-		return instance;
-	}
-	
-	private static AssertionStorage authenticationDataStore =  AssertionStorage.getInstance();
-	
+	@Autowired private ITransactionStorage authenticationDataStore;
 	
 	/**
 	 * time out in milliseconds used by {@link cleanup} for authentication data
@@ -129,7 +122,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 	 * @param iPersonalAttributeList STORK attribute list
 	 * @return
 	 */
-	public static List<ExtendedSAMLAttribute> addAdditionalSTORKAttributes(IPersonalAttributeList iPersonalAttributeList) {
+	public List<ExtendedSAMLAttribute> addAdditionalSTORKAttributes(IPersonalAttributeList iPersonalAttributeList) {
 		List<ExtendedSAMLAttribute> moaExtendedSAMLAttributeList = new Vector<ExtendedSAMLAttribute>();
 		
 		if(null == iPersonalAttributeList)
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 6573270e4..417bf4dc9 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -22,18 +22,20 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.protocols.saml1;
 
+import java.io.IOException;
 import java.util.Arrays;
-import java.util.HashMap;
 import java.util.List;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.lang.StringEscapeUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
 
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException;
@@ -42,17 +44,23 @@ import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.config.auth.data.SAML1ConfigurationParameters;
-import at.gv.egovernment.moa.id.moduls.IAction;
-import at.gv.egovernment.moa.id.moduls.IModulInfo;
 import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.protocols.AbstractProtocolModulController;
+import at.gv.egovernment.moa.id.protocols.pvp2x.AuthenticationAction;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 import at.gv.egovernment.moa.util.URLEncoder;
 
-public class SAML1Protocol extends MOAIDAuthConstants implements IModulInfo {
+@Controller
+public class SAML1Protocol extends AbstractProtocolModulController {
 
+	@Autowired private SAML1AuthenticationServer saml1AuthServer;
+	
+	public static final String REQ_DATA_SOURCEID = "sourceID";
+	public static final String REQ_DATA_TARGET = "target";
+	
 	public static final String NAME = SAML1Protocol.class.getName();
 	public static final String PATH = "id_saml1";
 
@@ -72,24 +80,6 @@ public class SAML1Protocol extends MOAIDAuthConstants implements IModulInfo {
 					PVPConstants.EID_SOURCE_PIN_TYPE_NAME
 			});
 	
-	private static HashMap<String, IAction> actions = new HashMap<String, IAction>();
-		
-	static {
-
-		actions.put(GETARTIFACT, new GetArtifactAction());
-		
-		instance = new SAML1Protocol();
-	}
-
-	private static SAML1Protocol instance = null;
-
-	public static SAML1Protocol getInstance() {
-		if (instance == null) {
-			instance = new SAML1Protocol();
-		}
-		return instance;
-	}
-
 	public String getName() {
 		return NAME;
 	}
@@ -98,16 +88,29 @@ public class SAML1Protocol extends MOAIDAuthConstants implements IModulInfo {
 		return PATH;
 	}
 
-	public IRequest preProcess(HttpServletRequest request,
-			HttpServletResponse response, String action,
-			String sessionId, String transactionId) throws MOAIDException {
-		SAML1RequestImpl config = new SAML1RequestImpl(request);
-		
+	
+	@RequestMapping(value = "/StartAuthentication", method = {RequestMethod.POST, RequestMethod.GET})
+	public void PVPMetadataRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException {		
 		if (!AuthConfigurationProviderFactory.getInstance().getAllowedProtocols().isSAML1Active()) {
 			Logger.info("SAML1 is deaktivated!");
 			throw new ProtocolNotActiveException("auth.22", new Object[] { "SAML 1" });
 			
 		}
+		
+		SAML1RequestImpl pendingRequest = new SAML1RequestImpl(req);
+		pendingRequest.setModule(NAME);
+	
+		//preProcess SAML1 Request
+		preProcess(req, resp, pendingRequest);
+			
+		performAuthentication(req, resp, pendingRequest);
+		return;
+				
+	}
+	
+	
+	public void preProcess(HttpServletRequest request,
+			HttpServletResponse response, SAML1RequestImpl pendingRequest) throws MOAIDException {
 			
 		String oaURL = (String) request.getParameter(PARAM_OA);
 		//oaURL = StringEscapeUtils.escapeHtml(oaURL);
@@ -135,7 +138,7 @@ public class SAML1Protocol extends MOAIDAuthConstants implements IModulInfo {
 			throw new WrongParametersException("StartAuthentication", PARAM_OA,
 					"auth.12");
 		
-		config.setOAURL(oaURL);
+		pendingRequest.setOAURL(oaURL);
 		
 		Logger.info("Dispatch SAML1 Request: OAURL=" + oaURL);
 		
@@ -157,19 +160,23 @@ public class SAML1Protocol extends MOAIDAuthConstants implements IModulInfo {
 			throw new InvalidProtocolRequestException("auth.00",
 					new Object[] { null });
 		}
-		config.setOnlineApplicationConfiguration(oaParam);
-		config.setSourceID(sourceID);
+		pendingRequest.setOnlineApplicationConfiguration(oaParam);
+		pendingRequest.setSourceID(sourceID);
 		
-		MOAReversionLogger.getInstance().logEvent(sessionId, transactionId, MOAIDEventConstants.AUTHPROTOCOL_SAML1_AUTHNREQUEST);
+		revisionsLogger.logEvent(pendingRequest, MOAIDEventConstants.AUTHPROTOCOL_SAML1_AUTHNREQUEST);
 		
 		if (MiscUtil.isNotEmpty(target))
-			config.setTarget(target);
+			pendingRequest.setGenericDataToSession(REQ_DATA_TARGET, target);
 		
 		else
-			config.setTarget(oaParam.getTarget());
-			
-				
-		return config;
+			pendingRequest.setGenericDataToSession(REQ_DATA_TARGET, oaParam.getTarget());
+
+		//AuthnRequest needs authentication
+		pendingRequest.setNeedAuthentication(true);
+
+		//set protocol action, which should be executed after authentication
+		pendingRequest.setAction(AuthenticationAction.class.getName());
+						
 	}
 
 	public boolean generateErrorMessage(Throwable e,
@@ -181,9 +188,8 @@ public class SAML1Protocol extends MOAIDAuthConstants implements IModulInfo {
 		if (!oa.getSAML1Parameter().isProvideAllErrors())
 			return false;
 		
-		else {
-			SAML1AuthenticationServer saml1authentication = SAML1AuthenticationServer.getInstace();			
-			String samlArtifactBase64 = saml1authentication.BuildErrorAssertion(e, protocolRequest);
+		else {	
+			String samlArtifactBase64 = saml1AuthServer.BuildErrorAssertion(e, protocolRequest);
 		
 			String url = protocolRequest.getAuthURL() + "/RedirectServlet";
 			url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(protocolRequest.getOAURL(), "UTF-8"));
@@ -199,15 +205,6 @@ public class SAML1Protocol extends MOAIDAuthConstants implements IModulInfo {
 		}
 	}
 
-	public IAction getAction(String action) {
-		return actions.get(action);
-	}
-
-	public IAction canHandleRequest(HttpServletRequest request,
-			HttpServletResponse response) {
-		return null;
-	}
-
 	public boolean validate(HttpServletRequest request,
 			HttpServletResponse response, IRequest pending) {
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2016-02-15 18:12:06 +0100
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2016-02-15 18:12:06 +0100
commit	1b7401488933f031a68dfe929b25db86279b52d2 (patch)
tree	5b6126d66845e97d962e080396b740b2935deb07 /id/server/modules/moa-id-modules-saml1
parent	ff8ae7727e4de105a1179288b129429a29bc07ca (diff)
download	moa-id-spss-1b7401488933f031a68dfe929b25db86279b52d2.tar.gz moa-id-spss-1b7401488933f031a68dfe929b25db86279b52d2.tar.bz2 moa-id-spss-1b7401488933f031a68dfe929b25db86279b52d2.zip