refactore STORK authentication module to use generic MOASession data-storage

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2016-01-12 10:44:13 +0100
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2016-01-12 10:44:13 +0100
commit: 68017565392861db4958716971d5be38faf5fff6 (patch)
tree: a062aad32d972dcf1ac8da8d7acdf060a855d587 /id/server/modules/module-stork
parent: 74e36f95b4fb49b37b05d5e93c9404f795c964df (diff)
download: moa-id-spss-68017565392861db4958716971d5be38faf5fff6.tar.gz
moa-id-spss-68017565392861db4958716971d5be38faf5fff6.tar.bz2
moa-id-spss-68017565392861db4958716971d5be38faf5fff6.zip
7 files changed, 67 insertions, 32 deletions
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java
index 939390847..ee4961d5e 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java
@@ -21,6 +21,7 @@ import org.apache.commons.io.IOUtils;
 import org.xml.sax.SAXException;
 
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
 import at.gv.egovernment.moa.id.auth.data.IdentityLink;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.BKUException;
@@ -113,7 +114,9 @@ public abstract class AbstractPepsConnectorWithLocalSigningTask extends Abstract
 		moaSession.setIdentityLink(identityLink);
 
 		Logger.debug("Adding addtional STORK attributes to MOA session");
-		moaSession.setStorkAttributes(personalAttributeList);
+		moaSession.setGenericDataToSession(
+				AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, 
+				personalAttributeList);
 
 		// We don't have BKUURL, setting from null to "Not applicable"
 		moaSession.setBkuURL("Not applicable (STORK Authentication)");
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
index ef61739f8..901762f17 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
@@ -46,6 +46,7 @@ import eu.stork.peps.exceptions.STORKSAMLEngineException;
 import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
 import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
@@ -264,7 +265,7 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
 			//attributeList.add(newAttribute);
 
 			//store SignRequest for later...
-			moasession.setSignedDoc(signedDoc);
+			moasession.setGenericDataToSession("STORK_signDoc", signedDoc);
 
 			acsURL = issuerValue + AbstractPepsConnectorWithLocalSigningTask.PEPSCONNECTOR_SERVLET_URL_PATTERN;
 			// TODO[branch]: STORK AuthReq acsURL "/PEPSConnectorWithLocalSigning"
@@ -339,7 +340,9 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
 		Logger.debug("STORK AuthnRequest successfully internally validated.");
 
 		//send
-		moasession.setStorkAuthnRequest(authnRequest);
+		moasession.setGenericDataToSession(
+				AuthenticationSessionStorageConstants.STORK_REQUEST, 
+				authnRequest);
 
 		// do PEPS-conform logging for easier evaluation
 		try {
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java
index 7b9fa3f12..f872241ae 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java
@@ -22,6 +22,7 @@ import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
 import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
 import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
@@ -142,7 +143,10 @@ public class PepsConnectorHandleLocalSignResponseTask extends AbstractPepsConnec
 			moaSession.setXMLVerifySignatureResponse(tmp);
 			executionContext.put("identityLinkAvailable", false);
 			try {
-				IPersonalAttributeList personalAttributeList = moaSession.getAuthnResponseGetPersonalAttributeList();
+				IPersonalAttributeList personalAttributeList = 
+						moaSession.getGenericDataFromSession(
+								AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, 
+								IPersonalAttributeList.class);
 				// Add SignResponse TODO Add signature (extracted from signResponse)?
 				List<String> values = new ArrayList<String>();
 				values.add(signResponseString);
@@ -151,7 +155,8 @@ public class PepsConnectorHandleLocalSignResponseTask extends AbstractPepsConnec
 				PersonalAttribute signedDocAttribute = new PersonalAttribute("signedDoc", false, values, "Available");
 				personalAttributeList.add(signedDocAttribute);
 
-				String authnContextClassRef = moaSession.getAuthnContextClassRef();
+				String authnContextClassRef = moaSession.getGenericDataFromSession(
+						"STORK_authContextClass", String.class);
 				SZRGInsertion(moaSession, personalAttributeList, authnContextClassRef, citizenSignature);
 				executionContext.put("identityLinkAvailable", true);
 			} catch (STORKException e) {
@@ -187,8 +192,9 @@ public class PepsConnectorHandleLocalSignResponseTask extends AbstractPepsConnec
 			}
 
 			Logger.debug("Add full STORK AuthnResponse to MOA session");
-			moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));// TODO ask Florian/Thomas
-																					// authnResponse?
+			moaSession.setGenericDataToSession(
+					AuthenticationSessionStorageConstants.STORK_RESPONSE, 
+					request.getParameter("SAMLResponse"));
 			
 			MOAReversionLogger.getInstance().logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED);
 			
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java
index 304e5f495..8240f6d00 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java
@@ -2,18 +2,15 @@ package at.gv.egovernment.moa.id.auth.modules.stork.tasks;
 
 import iaik.x509.X509Certificate;
 
-import java.io.IOException;
 import java.io.StringWriter;
 import java.util.ArrayList;
 import java.util.Collection;
-import java.util.List;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.xml.transform.Source;
 import javax.xml.transform.stream.StreamSource;
 
-import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.io.IOUtils;
 import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.velocity.Template;
@@ -24,6 +21,7 @@ import org.opensaml.saml2.core.StatusCode;
 import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
 import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
@@ -204,7 +202,10 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep
 
 			Logger.debug("MOA session is still valid");
 
-			STORKAuthnRequest storkAuthnRequest = moaSession.getStorkAuthnRequest();
+			STORKAuthnRequest storkAuthnRequest = 
+					moaSession.getGenericDataFromSession(
+							AuthenticationSessionStorageConstants.STORK_REQUEST, 
+							STORKAuthnRequest.class);
 
 			if (storkAuthnRequest == null) {
 				Logger.error("Could not find any preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);
@@ -263,11 +264,15 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep
 				} else {
 
 					// store SAMLResponse
-					moaSession.setSAMLResponse(request.getParameter("SAMLResponse"));
+					moaSession.setGenericDataToSession(
+							AuthenticationSessionStorageConstants.STORK_RESPONSE, 
+							request.getParameter("SAMLResponse"));
 					// store authnResponse
 
 					// moaSession.setAuthnResponse(authnResponse);//not serializable
-					moaSession.setAuthnResponseGetPersonalAttributeList(attributeList);
+					moaSession.setGenericDataToSession(
+							AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, 
+							attributeList);
 
 					String authnContextClassRef = null;
 					try {
@@ -277,12 +282,12 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep
 						Logger.warn("STORK QAA-Level is not found in AuthnResponse. Set QAA Level to requested level");
 					}
 
-					moaSession.setAuthnContextClassRef(authnContextClassRef);
-					moaSession.setReturnURL(request.getRequestURL());
+					moaSession.setGenericDataToSession("STORK_authContextClass", authnContextClassRef);
+					moaSession.setGenericDataToSession("STORK_returnURL", request.getRequestURL());
 
 					// load signedDoc
-					String signRequest = moaSession.getSignedDoc();
-
+					String signRequest = moaSession.getGenericDataFromSession("STORK_signDoc", String.class);
+					
 					// session is implicit stored in changeSessionID!!!!
 					String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
 
@@ -380,9 +385,11 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep
 			}
 
 			Logger.debug("Add full STORK AuthnResponse to MOA session");
-			moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));// TODO ask Florian/Thomas
-																					// authnResponse?
-
+			moaSession.setGenericDataToSession(
+					AuthenticationSessionStorageConstants.STORK_RESPONSE, 
+					request.getParameter("SAMLResponse"));
+			
+			
 			// session is implicit stored in changeSessionID!!!!
 			String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
 
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
index b505605ab..8322d1a02 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
@@ -2,7 +2,6 @@ package at.gv.egovernment.moa.id.auth.modules.stork.tasks;
 
 import iaik.x509.X509Certificate;
 
-import java.io.IOException;
 import java.io.InputStream;
 import java.io.StringWriter;
 import java.net.URL;
@@ -11,7 +10,6 @@ import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Date;
 import java.util.List;
-import java.util.Properties;
 
 import javax.activation.DataSource;
 import javax.servlet.http.HttpServletRequest;
@@ -39,6 +37,7 @@ import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
 import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
 import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
 import at.gv.egovernment.moa.id.auth.data.IdentityLink;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
@@ -243,7 +242,10 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
 
 			Logger.debug("MOA session is still valid");
 
-			STORKAuthnRequest storkAuthnRequest = moaSession.getStorkAuthnRequest();
+			STORKAuthnRequest storkAuthnRequest = 
+					moaSession.getGenericDataFromSession(
+							AuthenticationSessionStorageConstants.STORK_REQUEST, 
+							STORKAuthnRequest.class);
 
 			if (storkAuthnRequest == null) {
 				Logger.error("Could not find any preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);
@@ -575,10 +577,15 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
 			moaSession.setIdentityLink(identityLink);
 
 			Logger.debug("Adding addtional STORK attributes to MOA session");
-			moaSession.setStorkAttributes(attributeList);
-
+			moaSession.setGenericDataToSession(
+					AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, 
+					attributeList);
+			
 			Logger.debug("Add full STORK AuthnResponse to MOA session");
-			moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));
+			moaSession.setGenericDataToSession(
+					AuthenticationSessionStorageConstants.STORK_RESPONSE, 
+					request.getParameter("SAMLResponse"));
+
 
 			// We don't have BKUURL, setting from null to "Not applicable"
 			moaSession.setBkuURL("Not applicable (STORK Authentication)");
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAttributHelper.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAttributHelper.java
index 9a0598cf6..fb9172f6e 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAttributHelper.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAttributHelper.java
@@ -24,8 +24,7 @@ package at.gv.egovernment.moa.id.protocols.builder.attributes;
 
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.stork.STORKConstants;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
 import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException;
 import at.gv.egovernment.moa.logging.Logger;
@@ -43,7 +42,10 @@ public class STORKAttributHelper {
 			throw new UnavailableAttributeException(attributName);
 			
 		} else {
-			IPersonalAttributeList storkAttributes = authSession.getStorkAttributes();
+			IPersonalAttributeList storkAttributes = 
+					authSession.getGenericData(
+							AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, 
+							IPersonalAttributeList.class);
 			
 			if ( storkAttributes == null ) {
 				throw new UnavailableAttributeException(attributName);
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
index 2c7e5b539..f9f38e2d5 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
@@ -23,6 +23,7 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
 import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
 import at.gv.egovernment.moa.id.auth.exception.BuildException;
 import at.gv.egovernment.moa.id.data.AuthenticationRole;
 import at.gv.egovernment.moa.id.data.IAuthData;
@@ -30,6 +31,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.util.PVPtoSTORKMapper;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 import eu.stork.peps.auth.commons.PersonalAttributeList;
 import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.AttributeStatusType;
@@ -83,12 +85,17 @@ public class MOAAttributeProvider {
 
     public void populateAttribute(PersonalAttributeList attributeList, PersonalAttribute requestedAttribute ) {
         String storkAttribute = requestedAttribute.getName();
-
+        
+        IPersonalAttributeList storkAttributes = 
+        		authData.getGenericData(
+						AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, 
+						IPersonalAttributeList.class);
+        
         // TODO: check if authData gets populated with stork attributtes during previous steps; it seems it is not
-        if (null != authData && null != authData.getStorkAttributes() && authData.getStorkAttributes().containsKey(requestedAttribute.getName())) {
+        if (null != authData && null != storkAttributes && storkAttributes.containsKey(requestedAttribute.getName())) {
             Logger.debug("Trying to get value for attribute directly from STORK2 response [" + storkAttribute + "]");
             try {
-                PersonalAttribute tmp = authData.getStorkAttributes().get(requestedAttribute.getName());
+                PersonalAttribute tmp = storkAttributes.get(requestedAttribute.getName());
                 attributeList.add((PersonalAttribute) tmp.clone());
             } catch(Exception e) {
                 Logger.error("Could not retrieve attribute from STORK2 response: " + storkAttribute);
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2016-01-12 10:44:13 +0100
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2016-01-12 10:44:13 +0100
commit	68017565392861db4958716971d5be38faf5fff6 (patch)
tree	a062aad32d972dcf1ac8da8d7acdf060a855d587 /id/server/modules/module-stork
parent	74e36f95b4fb49b37b05d5e93c9404f795c964df (diff)
download	moa-id-spss-68017565392861db4958716971d5be38faf5fff6.tar.gz moa-id-spss-68017565392861db4958716971d5be38faf5fff6.tar.bz2 moa-id-spss-68017565392861db4958716971d5be38faf5fff6.zip