diff options
| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2015-07-02 07:26:30 +0200 |
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2015-07-02 07:26:30 +0200 |
| commit | 5bc01dab26425144a41dbece04b642fb963e1315 (patch) | |
| tree | 543fe5f7b8d576c7e85ba711c1f9bf03d3dc699f /id/server/modules/module-stork/src/main/java/at/gv/egovernment | |
| parent | 06e63a4fb89dd92583fc3e72e12750becdd6c8ef (diff) | |
| download | moa-id-spss-5bc01dab26425144a41dbece04b642fb963e1315.tar.gz moa-id-spss-5bc01dab26425144a41dbece04b642fb963e1315.tar.bz2 moa-id-spss-5bc01dab26425144a41dbece04b642fb963e1315.zip | |
devel
Diffstat (limited to 'id/server/modules/module-stork/src/main/java/at/gv/egovernment')
4 files changed, 332 insertions, 12 deletions
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java index 6f5cf0700..939390847 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java @@ -54,6 +54,8 @@ import eu.stork.peps.auth.commons.IPersonalAttributeList; public abstract class AbstractPepsConnectorWithLocalSigningTask extends AbstractAuthServletTask {
+ public static final String PEPSCONNECTOR_SERVLET_URL_PATTERN = "/PEPSConnectorWithLocalSigning";
+
String getCitizienSignatureFromSignResponse(SignResponse dssSignResponse) throws IllegalArgumentException,
TransformerConfigurationException, UtilsException, TransformerException,
TransformerFactoryConfigurationError, IOException, ApiUtilsException {
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java index 11051ceec..8b013ab4d 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java @@ -2,13 +2,49 @@ package at.gv.egovernment.moa.id.auth.modules.stork.tasks; import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
+import java.io.IOException;
+import java.io.StringWriter;
+import java.math.BigInteger;
+import java.net.URL;
+import java.security.NoSuchAlgorithmException;
+import java.text.SimpleDateFormat;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Date;
+import java.util.List;
+
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringEscapeUtils;
+import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
+import org.opensaml.common.IdentifierGenerator;
+import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
+import org.w3c.dom.DOMException;
+
+import eu.stork.oasisdss.api.AdditionalProfiles;
+import eu.stork.oasisdss.api.ApiUtils;
+import eu.stork.oasisdss.api.Profiles;
+import eu.stork.oasisdss.api.QualityLevels;
+import eu.stork.oasisdss.api.SignatureTypes;
+import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
+import eu.stork.oasisdss.profile.AnyType;
+import eu.stork.oasisdss.profile.DocumentType;
+import eu.stork.oasisdss.profile.SignRequest;
+import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder;
import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
@@ -17,12 +53,17 @@ import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.config.stork.CPEPS;
import at.gv.egovernment.moa.id.config.stork.STORKConfig;
+import at.gv.egovernment.moa.id.config.stork.StorkAttribute;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
+import at.gv.egovernment.moa.id.util.VelocityProvider;
import at.gv.egovernment.moa.logging.Logger;
/**
@@ -95,7 +136,7 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask { executionContext.put(PROCESS_CTX_KEY_CPEPS_ISXMLSIGSUPPORTED, cpeps.isXMLSignatureSupported());
Logger.info("Starting STORK authentication for a citizen of country: " + moasession.getCcc());
- AuthenticationServer.startSTORKAuthentication(req, resp, moasession);
+ startSTORKAuthentication(req, resp, moasession);
} catch (MOAIDException ex) {
throw new TaskExecutionException(ex.getMessage(), ex);
@@ -110,5 +151,285 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask { ConfigurationDBUtils.closeSession();
}
}
+
+ /**
+ * Starts a MOA-ID authentication process using STORK
+ *
+ * @param req HttpServletRequest
+ * @param resp HttpServletResponse
+ * @param ccc Citizen country code
+ * @param oaURL URL of the online application
+ * @param target Target parameter
+ * @param targetFriendlyName Friendly Name of Target
+ * @param authURL Authentication URL
+ * @param sourceID SourceID parameter
+ * @throws MOAIDException
+ * @throws AuthenticationException
+ * @throws WrongParametersException
+ * @throws ConfigurationException
+ */
+ public void startSTORKAuthentication(
+ HttpServletRequest req,
+ HttpServletResponse resp,
+ AuthenticationSession moasession) throws MOAIDException, AuthenticationException, WrongParametersException, ConfigurationException {
+
+ if (moasession == null) {
+ throw new AuthenticationException("auth.18", new Object[]{});
+ }
+
+ //read configuration paramters of OA
+ OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+ if (oaParam == null)
+ throw new AuthenticationException("auth.00", new Object[]{moasession.getPublicOAURLPrefix()});
+
+ //Start of STORK Processing
+ STORKConfig storkConfig = AuthConfigurationProviderFactory.getInstance().getStorkConfig();
+
+ CPEPS cpeps = storkConfig.getCPEPS(moasession.getCcc());
+
+ Logger.debug("Preparing to assemble STORK AuthnRequest with the following values:");
+ String destination = cpeps.getPepsURL().toExternalForm();
+ Logger.debug("C-PEPS URL: " + destination);
+
+
+ String issuerValue = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
+ // String acsURL = new DataURLBuilder().buildDataURL(issuerValue,
+ // PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN, moasession.getSessionID());
+
+
+ String providerName = oaParam.getFriendlyName();
+ Logger.debug("Issuer value: " + issuerValue);
+
+ // prepare collection of required attributes
+ // - attributes for online application
+ Collection<StorkAttribute> attributesFromConfig = oaParam.getRequestedSTORKAttributes();
+
+ // - prepare attribute list
+ PersonalAttributeList attributeList = new PersonalAttributeList();
+
+ // - fill container
+ for (StorkAttribute current : attributesFromConfig) {
+ PersonalAttribute newAttribute = new PersonalAttribute();
+ newAttribute.setName(current.getName());
+
+ boolean globallyMandatory = false;
+ for (StorkAttribute currentGlobalAttribute : storkConfig.getStorkAttributes())
+ if (current.getName().equals(currentGlobalAttribute.getName())) {
+ globallyMandatory = BooleanUtils.isTrue(currentGlobalAttribute.getMandatory());
+ break;
+ }
+
+ newAttribute.setIsRequired(current.getMandatory() || globallyMandatory);
+ attributeList.add(newAttribute);
+ }
+
+ // add sign request
+ PersonalAttribute newAttribute = new PersonalAttribute();
+ newAttribute.setName("signedDoc");
+ newAttribute.setIsRequired(true);
+ List<String> value = new ArrayList<String>();
+
+ Logger.debug("PEPS supports XMLSignatures:"+cpeps.isXMLSignatureSupported());
+ String acsURL;
+ if(cpeps.isXMLSignatureSupported())//Send SignRequest to PEPS
+ {
+ //solve Problem with sessionIDs
+ acsURL = issuerValue + PepsConnectorTask.PEPSCONNECTOR_SERVLET_URL_PATTERN;
+
+ value.add(generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im Signaturzertifikat (as in my signature certificate)", oaParam, moasession),
+ "application/xhtml+xml", moasession.getCcc()));
+ newAttribute.setValue(value);
+ attributeList.add(newAttribute);
+
+ // TODO[branch]: STORK AuthReq CPEPS acsURL "/PEPSConnector"
+ }
+ else//Process SignRequest locally with MOCCA
+ {
+ String target = moasession.getTarget();
+ moasession.setTarget("AT");
+ String signedDoc = (generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im Signaturzertifikat (as in my signature certificate)", oaParam, moasession),
+ "application/xhtml+xml", "AT"));//moasession.getCcc()
+ moasession.setTarget(target);
+ Logger.warn("signedDoc to store:"+signedDoc);
+ //attributeList.add(newAttribute);
+
+ //store SignRequest for later...
+ moasession.setSignedDoc(signedDoc);
+
+ acsURL = issuerValue + AbstractPepsConnectorWithLocalSigningTask.PEPSCONNECTOR_SERVLET_URL_PATTERN;
+ // TODO[branch]: STORK AuthReq acsURL "/PEPSConnectorWithLocalSigning"
+ try {
+ AuthenticationSessionStoreage.storeSession(moasession);
+ } catch (MOADatabaseException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+
+ }
+ Logger.debug("MOA Assertion Consumer URL (PEPSConnctor): " + acsURL);
+
+ if (Logger.isDebugEnabled()) {
+ Logger.debug("The following attributes are requested for this OA:");
+ for (StorkAttribute logReqAttr : attributesFromConfig)
+ Logger.debug("OA specific requested attribute: " + logReqAttr.getName() + ", isRequired: " + logReqAttr.getMandatory());
+ }
+
+ //TODO: check Target in case of SSO!!
+ String spSector = StringUtils.isEmpty(moasession.getTarget()) ? "Business" : moasession.getTarget();
+ String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName();
+ String spApplication = spInstitution;
+ String spCountry = "AT"; // intentionally set AT - the flow is limited on that use case only
+
+ //generate AuthnRquest
+ STORKAuthnRequest authnRequest = new STORKAuthnRequest();
+ authnRequest.setDestination(destination);
+ authnRequest.setAssertionConsumerServiceURL(acsURL);//PEPSConnectorWithLocalSigning
+ authnRequest.setProviderName(providerName);
+ authnRequest.setIssuer(issuerValue);
+ authnRequest.setQaa(oaParam.getQaaLevel());
+ authnRequest.setSpInstitution(spInstitution);
+ authnRequest.setSpCountry(spCountry);
+ authnRequest.setSpApplication(spApplication);
+ authnRequest.setSpSector(spSector);
+ authnRequest.setPersonalAttributeList(attributeList);
+
+ //TODO change
+ authnRequest.setEIDCrossBorderShare(true);
+ authnRequest.setEIDCrossSectorShare(true);
+ authnRequest.setEIDSectorShare(true);
+
+ authnRequest.setCitizenCountryCode(moasession.getCcc());
+
+ Logger.debug("STORK AuthnRequest succesfully assembled.");
+
+ STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("outgoing");
+
+ if (samlEngine == null) {
+ Logger.error("Could not initalize STORK SAML engine.");
+ throw new MOAIDException("stork.00", null);
+ }
+
+ try {
+ authnRequest = samlEngine.generateSTORKAuthnRequest(authnRequest);
+ } catch (STORKSAMLEngineException e) {
+ Logger.error("Could not sign STORK SAML AuthnRequest.", e);
+ throw new MOAIDException("stork.00", null);
+ }
+
+ Logger.info("STORK AuthnRequest successfully signed!");
+
+ //validate AuthnRequest
+ try {
+ samlEngine.validateSTORKAuthnRequest(authnRequest.getTokenSaml());
+ } catch (STORKSAMLEngineException e) {
+ Logger.error("STORK SAML AuthnRequest not valid.", e);
+ throw new MOAIDException("stork.01", null);
+ }
+
+ Logger.debug("STORK AuthnRequest successfully internally validated.");
+
+ //send
+ moasession.setStorkAuthnRequest(authnRequest);
+
+ // do PEPS-conform logging for easier evaluation
+ try {
+ // 2015-03-12 16:44:27.144#S-PEPS receives request from SP#spurl#spepsurl#spapp#spdomain#citizen country#qaa#msghash#msg_id id1#
+ Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS receives request from SP#" +
+ moasession.getPublicOAURLPrefix() + "#" + issuerValue + "#" + spApplication + "#" +
+ new URL(moasession.getPublicOAURLPrefix()).getHost() + "#" + moasession.getCcc() + "#" + oaParam.getQaaLevel() +
+ "#_hash_#" + moasession.getProcessInstanceId() + "#");
+ } catch (Exception e1) {
+ Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage());
+ }
+
+ AuthenticationSessionStoreage.changeSessionID(moasession, authnRequest.getSamlId());
+
+
+ Logger.info("Preparing to send STORK AuthnRequest.");
+ Logger.info("prepared STORKAuthnRequest: ");
+ Logger.info(new String(authnRequest.getTokenSaml()));
+
+ try {
+ Logger.trace("Initialize VelocityEngine...");
+
+ VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
+ Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm");
+ VelocityContext context = new VelocityContext();
+ context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(authnRequest.getTokenSaml()));
+ context.put("RelayState", moasession.getSessionID());
+ context.put("action", destination);
+
+ StringWriter writer = new StringWriter();
+ template.merge(context, writer);
+
+ // TODO[branch]: SAML2 Form Submit to CPEPS, response to acsURL Servlet
+
+ resp.setContentType("text/html;charset=UTF-8");
+ resp.getOutputStream().write(writer.toString().getBytes("UTF-8"));
+
+ } catch (Exception e) {
+ Logger.error("Error sending STORK SAML AuthnRequest.", e);
+ throw new MOAIDException("stork.02", new Object[]{destination});
+
+ }
+
+ Logger.info("STORK AuthnRequest successfully successfully prepared for client with target location: " + authnRequest.getDestination());
+
+ // do PEPS-conform logging for easier evaluation
+ try {
+ // 2015-03-12 16:44:27.144#S-PEPS generates request to C-PEPS#spepsurl#cpepsurl#spapp#spdomain#citizen country#qaa#msghash#msg_id id1#id2#
+ Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS generates request to C-PEPS#" +
+ issuerValue + "#" + destination + "#" + spApplication + "#" +
+ new URL(moasession.getPublicOAURLPrefix()).getHost() + "#" + moasession.getCcc() + "#" + oaParam.getQaaLevel() +
+ "#_hash_#" + moasession.getProcessInstanceId() + "#" + authnRequest.getSamlId() + "#");
+ } catch (Exception e1) {
+ Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage());
+ }
+ }
+ private String generateDssSignRequest(String text, String mimeType, String citizenCountry) {
+ IdentifierGenerator idGenerator;
+ try {
+ idGenerator = new SecureRandomIdentifierGenerator();
+
+ DocumentType doc = new DocumentType();
+ doc.setBase64XML(text.getBytes("UTF-8"));
+ doc.setID(idGenerator.generateIdentifier());
+
+ SignRequest request = new SignRequest();
+ request.setInputDocuments(ApiUtils.createInputDocuments(doc));
+
+ String id = idGenerator.generateIdentifier();
+ request.setRequestID(id);
+ request.setDocUI(id);
+
+ request.setProfile(Profiles.XADES_BES.toString());
+ request.setNumberOfSigners(BigInteger.ONE);
+ request.setTargetCountry(citizenCountry);
+
+ // no, no todo. PEPS will alter this value anyhow.
+ request.setReturnURL("http://invalid_return");
+
+ AnyType required = new AnyType();
+ required.getAny().add(ApiUtils.createSignatureType(SignatureTypes.XMLSIG_RFC3275.toString()));
+ required.getAny().add(ApiUtils.createAdditionalProfile(AdditionalProfiles.XADES.toString()));
+ required.getAny().add(ApiUtils.createQualityRequirements(QualityLevels.QUALITYLEVEL_QUALIFIEDSIG));
+ required.getAny().add(ApiUtils.createIncludeObject(doc));
+ request.setOptionalInputs(required);
+
+ return IOUtils.toString(ApiUtils.marshalToInputStream(request));
+ } catch (NoSuchAlgorithmException e) {
+ Logger.error("Cannot generate id", e);
+ throw new RuntimeException(e);
+ } catch (ApiUtilsException e) {
+ Logger.error("Could not create SignRequest", e);
+ throw new RuntimeException(e);
+ } catch (DOMException e) {
+ Logger.error("Could not create SignRequest", e);
+ throw new RuntimeException(e);
+ } catch (IOException e) {
+ Logger.error("Could not create SignRequest", e);
+ throw new RuntimeException(e);
+ }
+ }
}
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java index 84570141e..d9188d4fc 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java @@ -5,6 +5,7 @@ import iaik.x509.X509Certificate; import java.io.IOException;
import java.io.StringWriter;
import java.util.ArrayList;
+import java.util.Collection;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
@@ -26,12 +27,11 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorWithLocalSigningServlet;
import at.gv.egovernment.moa.id.auth.stork.STORKException;
import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
-import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
+import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin;
import at.gv.egovernment.moa.id.moduls.ModulUtils;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
@@ -290,17 +290,17 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep String issuerValue = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
String acsURL = issuerValue
- + PEPSConnectorWithLocalSigningServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN;
+ + AbstractPepsConnectorWithLocalSigningTask.PEPSCONNECTOR_SERVLET_URL_PATTERN;
String url = acsURL + "?moaSessionID=" + newMOASessionID;
// redirect to OASIS module and sign there
boolean found = false;
try {
- List<AttributeProviderPlugin> aps = AuthConfigurationProviderFactory.getInstance()
+ Collection<StorkAttributeProviderPlugin> aps = AuthConfigurationProviderFactory.getInstance()
.getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()).getStorkAPs();
Logger.info("Found AttributeProviderPlugins:" + aps.size());
- for (AttributeProviderPlugin ap : aps) {
+ for (StorkAttributeProviderPlugin ap : aps) {
Logger.info("Found AttributeProviderPlugin attribute:" + ap.getAttributes());
if (ap.getAttributes().equalsIgnoreCase("signedDoc")) {
// FIXME: A servlet's class field is not thread safe!!!
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java index 748b7df5d..4a12e72ca 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java @@ -30,7 +30,6 @@ import org.apache.velocity.Template; import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.VelocityEngine;
import org.opensaml.saml2.core.StatusCode;
-import org.springframework.format.datetime.DateFormatter;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -43,7 +42,6 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
-import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet;
import at.gv.egovernment.moa.id.auth.stork.STORKException;
import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
@@ -64,10 +62,8 @@ import at.gv.egovernment.moa.util.XPathUtils; import at.gv.util.xsd.xmldsig.SignatureType;
import at.gv.util.xsd.xmldsig.X509DataType;
import eu.stork.documentservice.DocumentService;
-import eu.stork.documentservice.data.DatabaseConnectorMySQLImpl;
import eu.stork.oasisdss.api.ApiUtils;
import eu.stork.oasisdss.api.LightweightSourceResolver;
-import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
import eu.stork.oasisdss.profile.DocumentType;
import eu.stork.oasisdss.profile.DocumentWithSignature;
import eu.stork.oasisdss.profile.SignResponse;
@@ -123,6 +119,8 @@ import eu.stork.peps.exceptions.STORKSAMLEngineException; */
public class PepsConnectorTask extends AbstractAuthServletTask {
+ public static final String PEPSCONNECTOR_SERVLET_URL_PATTERN = "/PEPSConnector";
+
public PepsConnectorTask() {
super();
@@ -336,7 +334,7 @@ public class PepsConnectorTask extends AbstractAuthServletTask { // ////////////////////////////////////////////////////////////////////////
- AuthConfigurationProvider config = AuthConfigurationProvider.getInstance();
+ AuthConfiguration config = AuthConfigurationProviderFactory.getInstance();
String citizenSignature = null;
if(config.isStorkFakeIdLActive() && config.getStorkNoSignatureCountries().contains(storkAuthnRequest.getCitizenCountryCode()) && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) {
Logger.debug("signedDoc extraction skipped due to configuration");
@@ -456,7 +454,6 @@ public class PepsConnectorTask extends AbstractAuthServletTask { IdentityLink identityLink = null;
executionContext.put("identityLinkAvailable", false);
try {
- AuthConfiguration config = AuthConfigurationProviderFactory.getInstance();
if(config.isStorkFakeIdLActive() && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) {
// create fake IdL
// - fetch IdL template from resources
|