aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/module-stork/src/main/java
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2016-01-12 10:44:13 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-01-12 10:44:13 +0100
commit68017565392861db4958716971d5be38faf5fff6 (patch)
treea062aad32d972dcf1ac8da8d7acdf060a855d587 /id/server/modules/module-stork/src/main/java
parent74e36f95b4fb49b37b05d5e93c9404f795c964df (diff)
downloadmoa-id-spss-68017565392861db4958716971d5be38faf5fff6.tar.gz
moa-id-spss-68017565392861db4958716971d5be38faf5fff6.tar.bz2
moa-id-spss-68017565392861db4958716971d5be38faf5fff6.zip
refactore STORK authentication module to use generic MOASession data-storage
Diffstat (limited to 'id/server/modules/module-stork/src/main/java')
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java5
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java7
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java14
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java33
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java19
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAttributHelper.java8
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java13
7 files changed, 67 insertions, 32 deletions
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java
index 939390847..ee4961d5e 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java
@@ -21,6 +21,7 @@ import org.apache.commons.io.IOUtils;
import org.xml.sax.SAXException;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
import at.gv.egovernment.moa.id.auth.data.IdentityLink;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.BKUException;
@@ -113,7 +114,9 @@ public abstract class AbstractPepsConnectorWithLocalSigningTask extends Abstract
moaSession.setIdentityLink(identityLink);
Logger.debug("Adding addtional STORK attributes to MOA session");
- moaSession.setStorkAttributes(personalAttributeList);
+ moaSession.setGenericDataToSession(
+ AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST,
+ personalAttributeList);
// We don't have BKUURL, setting from null to "Not applicable"
moaSession.setBkuURL("Not applicable (STORK Authentication)");
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
index ef61739f8..901762f17 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
@@ -46,6 +46,7 @@ import eu.stork.peps.exceptions.STORKSAMLEngineException;
import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
@@ -264,7 +265,7 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
//attributeList.add(newAttribute);
//store SignRequest for later...
- moasession.setSignedDoc(signedDoc);
+ moasession.setGenericDataToSession("STORK_signDoc", signedDoc);
acsURL = issuerValue + AbstractPepsConnectorWithLocalSigningTask.PEPSCONNECTOR_SERVLET_URL_PATTERN;
// TODO[branch]: STORK AuthReq acsURL "/PEPSConnectorWithLocalSigning"
@@ -339,7 +340,9 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
Logger.debug("STORK AuthnRequest successfully internally validated.");
//send
- moasession.setStorkAuthnRequest(authnRequest);
+ moasession.setGenericDataToSession(
+ AuthenticationSessionStorageConstants.STORK_REQUEST,
+ authnRequest);
// do PEPS-conform logging for easier evaluation
try {
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java
index 7b9fa3f12..f872241ae 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java
@@ -22,6 +22,7 @@ import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
@@ -142,7 +143,10 @@ public class PepsConnectorHandleLocalSignResponseTask extends AbstractPepsConnec
moaSession.setXMLVerifySignatureResponse(tmp);
executionContext.put("identityLinkAvailable", false);
try {
- IPersonalAttributeList personalAttributeList = moaSession.getAuthnResponseGetPersonalAttributeList();
+ IPersonalAttributeList personalAttributeList =
+ moaSession.getGenericDataFromSession(
+ AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST,
+ IPersonalAttributeList.class);
// Add SignResponse TODO Add signature (extracted from signResponse)?
List<String> values = new ArrayList<String>();
values.add(signResponseString);
@@ -151,7 +155,8 @@ public class PepsConnectorHandleLocalSignResponseTask extends AbstractPepsConnec
PersonalAttribute signedDocAttribute = new PersonalAttribute("signedDoc", false, values, "Available");
personalAttributeList.add(signedDocAttribute);
- String authnContextClassRef = moaSession.getAuthnContextClassRef();
+ String authnContextClassRef = moaSession.getGenericDataFromSession(
+ "STORK_authContextClass", String.class);
SZRGInsertion(moaSession, personalAttributeList, authnContextClassRef, citizenSignature);
executionContext.put("identityLinkAvailable", true);
} catch (STORKException e) {
@@ -187,8 +192,9 @@ public class PepsConnectorHandleLocalSignResponseTask extends AbstractPepsConnec
}
Logger.debug("Add full STORK AuthnResponse to MOA session");
- moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));// TODO ask Florian/Thomas
- // authnResponse?
+ moaSession.setGenericDataToSession(
+ AuthenticationSessionStorageConstants.STORK_RESPONSE,
+ request.getParameter("SAMLResponse"));
MOAReversionLogger.getInstance().logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED);
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java
index 304e5f495..8240f6d00 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java
@@ -2,18 +2,15 @@ package at.gv.egovernment.moa.id.auth.modules.stork.tasks;
import iaik.x509.X509Certificate;
-import java.io.IOException;
import java.io.StringWriter;
import java.util.ArrayList;
import java.util.Collection;
-import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.transform.Source;
import javax.xml.transform.stream.StreamSource;
-import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.velocity.Template;
@@ -24,6 +21,7 @@ import org.opensaml.saml2.core.StatusCode;
import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
@@ -204,7 +202,10 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep
Logger.debug("MOA session is still valid");
- STORKAuthnRequest storkAuthnRequest = moaSession.getStorkAuthnRequest();
+ STORKAuthnRequest storkAuthnRequest =
+ moaSession.getGenericDataFromSession(
+ AuthenticationSessionStorageConstants.STORK_REQUEST,
+ STORKAuthnRequest.class);
if (storkAuthnRequest == null) {
Logger.error("Could not find any preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);
@@ -263,11 +264,15 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep
} else {
// store SAMLResponse
- moaSession.setSAMLResponse(request.getParameter("SAMLResponse"));
+ moaSession.setGenericDataToSession(
+ AuthenticationSessionStorageConstants.STORK_RESPONSE,
+ request.getParameter("SAMLResponse"));
// store authnResponse
// moaSession.setAuthnResponse(authnResponse);//not serializable
- moaSession.setAuthnResponseGetPersonalAttributeList(attributeList);
+ moaSession.setGenericDataToSession(
+ AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST,
+ attributeList);
String authnContextClassRef = null;
try {
@@ -277,12 +282,12 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep
Logger.warn("STORK QAA-Level is not found in AuthnResponse. Set QAA Level to requested level");
}
- moaSession.setAuthnContextClassRef(authnContextClassRef);
- moaSession.setReturnURL(request.getRequestURL());
+ moaSession.setGenericDataToSession("STORK_authContextClass", authnContextClassRef);
+ moaSession.setGenericDataToSession("STORK_returnURL", request.getRequestURL());
// load signedDoc
- String signRequest = moaSession.getSignedDoc();
-
+ String signRequest = moaSession.getGenericDataFromSession("STORK_signDoc", String.class);
+
// session is implicit stored in changeSessionID!!!!
String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
@@ -380,9 +385,11 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep
}
Logger.debug("Add full STORK AuthnResponse to MOA session");
- moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));// TODO ask Florian/Thomas
- // authnResponse?
-
+ moaSession.setGenericDataToSession(
+ AuthenticationSessionStorageConstants.STORK_RESPONSE,
+ request.getParameter("SAMLResponse"));
+
+
// session is implicit stored in changeSessionID!!!!
String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
index b505605ab..8322d1a02 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
@@ -2,7 +2,6 @@ package at.gv.egovernment.moa.id.auth.modules.stork.tasks;
import iaik.x509.X509Certificate;
-import java.io.IOException;
import java.io.InputStream;
import java.io.StringWriter;
import java.net.URL;
@@ -11,7 +10,6 @@ import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.List;
-import java.util.Properties;
import javax.activation.DataSource;
import javax.servlet.http.HttpServletRequest;
@@ -39,6 +37,7 @@ import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
import at.gv.egovernment.moa.id.auth.data.IdentityLink;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
@@ -243,7 +242,10 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
Logger.debug("MOA session is still valid");
- STORKAuthnRequest storkAuthnRequest = moaSession.getStorkAuthnRequest();
+ STORKAuthnRequest storkAuthnRequest =
+ moaSession.getGenericDataFromSession(
+ AuthenticationSessionStorageConstants.STORK_REQUEST,
+ STORKAuthnRequest.class);
if (storkAuthnRequest == null) {
Logger.error("Could not find any preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);
@@ -575,10 +577,15 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
moaSession.setIdentityLink(identityLink);
Logger.debug("Adding addtional STORK attributes to MOA session");
- moaSession.setStorkAttributes(attributeList);
-
+ moaSession.setGenericDataToSession(
+ AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST,
+ attributeList);
+
Logger.debug("Add full STORK AuthnResponse to MOA session");
- moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));
+ moaSession.setGenericDataToSession(
+ AuthenticationSessionStorageConstants.STORK_RESPONSE,
+ request.getParameter("SAMLResponse"));
+
// We don't have BKUURL, setting from null to "Not applicable"
moaSession.setBkuURL("Not applicable (STORK Authentication)");
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAttributHelper.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAttributHelper.java
index 9a0598cf6..fb9172f6e 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAttributHelper.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAttributHelper.java
@@ -24,8 +24,7 @@ package at.gv.egovernment.moa.id.protocols.builder.attributes;
import eu.stork.peps.auth.commons.IPersonalAttributeList;
import eu.stork.peps.auth.commons.PersonalAttribute;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.stork.STORKConstants;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
import at.gv.egovernment.moa.id.data.IAuthData;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException;
import at.gv.egovernment.moa.logging.Logger;
@@ -43,7 +42,10 @@ public class STORKAttributHelper {
throw new UnavailableAttributeException(attributName);
} else {
- IPersonalAttributeList storkAttributes = authSession.getStorkAttributes();
+ IPersonalAttributeList storkAttributes =
+ authSession.getGenericData(
+ AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST,
+ IPersonalAttributeList.class);
if ( storkAttributes == null ) {
throw new UnavailableAttributeException(attributName);
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
index 2c7e5b539..f9f38e2d5 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
@@ -23,6 +23,7 @@
package at.gv.egovernment.moa.id.protocols.stork2;
import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.data.AuthenticationRole;
import at.gv.egovernment.moa.id.data.IAuthData;
@@ -30,6 +31,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.util.PVPtoSTORKMapper;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
import eu.stork.peps.auth.commons.PersonalAttribute;
import eu.stork.peps.auth.commons.PersonalAttributeList;
import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.AttributeStatusType;
@@ -83,12 +85,17 @@ public class MOAAttributeProvider {
public void populateAttribute(PersonalAttributeList attributeList, PersonalAttribute requestedAttribute ) {
String storkAttribute = requestedAttribute.getName();
-
+
+ IPersonalAttributeList storkAttributes =
+ authData.getGenericData(
+ AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST,
+ IPersonalAttributeList.class);
+
// TODO: check if authData gets populated with stork attributtes during previous steps; it seems it is not
- if (null != authData && null != authData.getStorkAttributes() && authData.getStorkAttributes().containsKey(requestedAttribute.getName())) {
+ if (null != authData && null != storkAttributes && storkAttributes.containsKey(requestedAttribute.getName())) {
Logger.debug("Trying to get value for attribute directly from STORK2 response [" + storkAttribute + "]");
try {
- PersonalAttribute tmp = authData.getStorkAttributes().get(requestedAttribute.getName());
+ PersonalAttribute tmp = storkAttributes.get(requestedAttribute.getName());
attributeList.add((PersonalAttribute) tmp.clone());
} catch(Exception e) {
Logger.error("Could not retrieve attribute from STORK2 response: " + storkAttribute);