aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2016-01-22 14:11:11 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-01-22 14:11:11 +0100
commit0c6ca9a8fb5de402f128a449b80635a79292fce0 (patch)
treeaf21904ae85f6ebb9958f03750684cfccc60cffc /id/server/modules
parentabd4a6743f610bf85392b6517457ae353e7e3322 (diff)
downloadmoa-id-spss-0c6ca9a8fb5de402f128a449b80635a79292fce0.tar.gz
moa-id-spss-0c6ca9a8fb5de402f128a449b80635a79292fce0.tar.bz2
moa-id-spss-0c6ca9a8fb5de402f128a449b80635a79292fce0.zip
refactor eIDAS-node metadata generation
Diffstat (limited to 'id/server/modules')
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java22
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/AuthenticationRequest.java16
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java14
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java17
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java (renamed from id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/EidasMetaDataServlet.java)75
5 files changed, 90 insertions, 54 deletions
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java
index 18432fd1c..06643ec53 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java
@@ -35,16 +35,6 @@ import org.apache.velocity.Template;
import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.VelocityEngine;
-import eu.eidas.auth.commons.EIDASAuthnRequest;
-import eu.eidas.auth.commons.EIDASUtil;
-import eu.eidas.auth.commons.EidasLoaCompareType;
-import eu.eidas.auth.commons.EidasLoaLevels;
-import eu.eidas.auth.commons.IPersonalAttributeList;
-import eu.eidas.auth.commons.PersonalAttribute;
-import eu.eidas.auth.commons.PersonalAttributeList;
-import eu.eidas.auth.engine.EIDASSAMLEngine;
-import eu.eidas.auth.engine.core.eidas.SPType;
-import eu.eidas.engine.exceptions.EIDASSAMLEngineException;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
@@ -66,6 +56,16 @@ import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.VelocityProvider;
import at.gv.egovernment.moa.logging.Logger;
+import eu.eidas.auth.commons.EIDASAuthnRequest;
+import eu.eidas.auth.commons.EIDASUtil;
+import eu.eidas.auth.commons.EidasLoaCompareType;
+import eu.eidas.auth.commons.EidasLoaLevels;
+import eu.eidas.auth.commons.IPersonalAttributeList;
+import eu.eidas.auth.commons.PersonalAttribute;
+import eu.eidas.auth.commons.PersonalAttributeList;
+import eu.eidas.auth.engine.EIDASSAMLEngine;
+import eu.eidas.auth.engine.core.eidas.SPType;
+import eu.eidas.engine.exceptions.EIDASSAMLEngineException;
/**
* @author tlenz
@@ -141,7 +141,7 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
//build eIDAS AuthnRequest
EIDASAuthnRequest authnRequest = new EIDASAuthnRequest();
- authnRequest.setProviderName(moaconfig.getPublicURLPrefix());
+ authnRequest.setProviderName(pendingReq.getAuthURL());
authnRequest.setPersonalAttributeList(pAttList);
authnRequest.setIssuer(moaconfig.getPublicURLPrefix() + Constants.eIDAS_HTTP_ENDPOINT_METADATA);
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/AuthenticationRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/AuthenticationRequest.java
index 1012be1b7..c8f6bba9c 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/AuthenticationRequest.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/AuthenticationRequest.java
@@ -26,6 +26,13 @@ import java.io.StringWriter;
import java.text.SimpleDateFormat;
import java.util.Map.Entry;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.velocity.Template;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
+
import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
@@ -41,13 +48,6 @@ import at.gv.egovernment.moa.id.moduls.IAction;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.util.VelocityProvider;
import at.gv.egovernment.moa.logging.Logger;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.Template;
-import org.apache.velocity.VelocityContext;
-import org.apache.velocity.app.VelocityEngine;
import eu.eidas.auth.commons.EIDASAuthnResponse;
import eu.eidas.auth.commons.EIDASStatusCode;
import eu.eidas.auth.commons.EIDASUtil;
@@ -104,7 +104,7 @@ public class AuthenticationRequest implements IAction {
// - create metadata url
AuthConfiguration config = AuthConfigurationProviderFactory.getInstance();
- String pubURLPrefix = config.getPublicURLPrefix();
+ String pubURLPrefix = req.getAuthURL();
String metadata_url = pubURLPrefix + Constants.eIDAS_HTTP_ENDPOINT_METADATA;
response.setIssuer(metadata_url);
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java
index 0bedf0432..374c3df30 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java
@@ -2,14 +2,26 @@ package at.gv.egovernment.moa.id.protocols.eidas;
import java.util.List;
+import javax.servlet.http.HttpServletRequest;
+
import org.opensaml.saml2.core.Attribute;
-import eu.eidas.auth.commons.EIDASAuthnRequest;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.MOAPersonalAttributeList;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.moduls.RequestImpl;
+import eu.eidas.auth.commons.EIDASAuthnRequest;
public class EIDASData extends RequestImpl {
+ /**
+ * @param req
+ * @throws ConfigurationException
+ */
+ public EIDASData(HttpServletRequest req) throws ConfigurationException {
+ super(req);
+
+ }
+
/** The Constant serialVersionUID. */
private static final long serialVersionUID = 8765755670214923910L;
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
index a94e136b4..b652503f8 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
@@ -22,6 +22,11 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.eidas;
+import java.util.HashMap;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
@@ -38,11 +43,6 @@ import eu.eidas.auth.commons.EIDASAuthnRequest;
import eu.eidas.auth.commons.EIDASUtil;
import eu.eidas.auth.engine.EIDASSAMLEngine;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import java.util.HashMap;
-
/**
* Stork 2 Protocol Support
*
@@ -54,11 +54,14 @@ public class EIDASProtocol extends MOAIDAuthConstants implements IModulInfo {
public static final String PATH = "eidas";
public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest";
-
+ public static final String METADATAREQUEST = "MetadataRequest";
+
private static HashMap<String, IAction> actions = new HashMap<String, IAction>();
static {
actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest());
+ actions.put(METADATAREQUEST, new EidasMetaDataRequest());
+
}
public String getName() {
@@ -102,7 +105,7 @@ public class EIDASProtocol extends MOAIDAuthConstants implements IModulInfo {
EIDASAuthnRequest samlReq = engine.validateEIDASAuthnRequest(decSamlToken);
// memorize important stuff
- EIDASData result = new EIDASData();
+ EIDASData result = new EIDASData(request);
// - memorize remote ip
result.setRemoteAddress(request.getRemoteAddr());
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/EidasMetaDataServlet.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
index 470e3b0fc..0be291a06 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/EidasMetaDataServlet.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
@@ -14,25 +14,20 @@
* See the Licence for the specific language governing permissions and
* limitations under the Licence.
*******************************************************************************/
-package at.gv.egovernment.moa.id.auth.modules.eidas.utils;
-import iaik.security.ecc.provider.ECCProvider;
-import iaik.security.provider.IAIK;
-
-import java.io.IOException;
-import java.security.Security;
-
-import javax.servlet.ServletException;
-import javax.servlet.annotation.WebServlet;
-import javax.servlet.http.HttpServlet;
+package at.gv.egovernment.moa.id.protocols.eidas;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
+import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils;
+import at.gv.egovernment.moa.id.data.IAuthData;
+import at.gv.egovernment.moa.id.data.SLOInformationInterface;
+import at.gv.egovernment.moa.id.moduls.IAction;
+import at.gv.egovernment.moa.id.moduls.IRequest;
import eu.eidas.auth.engine.EIDASSAMLEngine;
import eu.eidas.auth.engine.metadata.MetadataConfigParams;
import eu.eidas.auth.engine.metadata.MetadataGenerator;
@@ -42,20 +37,23 @@ import eu.eidas.engine.exceptions.SAMLEngineException;
/**
* First version to provide some valid metadata to an asking eIDaS node
*/
-@WebServlet("/eidas/metadata")
-public class EidasMetaDataServlet extends HttpServlet {
+//@WebServlet("/eidas/metadata")
+public class EidasMetaDataRequest implements IAction {
private static final long serialVersionUID = -2129228304760706063L;
- private Logger logger = org.slf4j.LoggerFactory.getLogger(EidasMetaDataServlet.class);
- /**
- * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
- try {
+ private Logger logger = org.slf4j.LoggerFactory.getLogger(EidasMetaDataRequest.class);
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.data.IAuthData)
+ */
+ @Override
+ public SLOInformationInterface processRequest(IRequest req,
+ HttpServletRequest httpReq, HttpServletResponse httpResp,
+ IAuthData authData) throws MOAIDException {
+
+ try {
logger.debug("EidasMetaDataServlet GET");
- AuthConfiguration config = AuthConfigurationProviderFactory.getInstance();
- String pubURLPrefix = config.getPublicURLPrefix();
+ String pubURLPrefix = req.getAuthURL();
String metadata_url = pubURLPrefix + Constants.eIDAS_HTTP_ENDPOINT_METADATA;
@@ -64,14 +62,37 @@ public class EidasMetaDataServlet extends HttpServlet {
logger.trace(metaData);
- response.setContentType("text/xml");
- response.getWriter().print(metaData);
- response.flushBuffer();
+ httpResp.setContentType("text/xml");
+ httpResp.getWriter().print(metaData);
+ httpResp.flushBuffer();
+
} catch (Exception e) {
e.printStackTrace();
}
- }
+
+
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ public boolean needAuthentication(IRequest req, HttpServletRequest httpReq,
+ HttpServletResponse httpResp) {
+ return false;
+
+ }
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.moduls.IAction#getDefaultActionName()
+ */
+ @Override
+ public String getDefaultActionName() {
+ return "eIDAS-Metadata Action";
+
+ }
+
public String generateMetadata(String metadata_url, String sp_return_url) throws SAMLEngineException, EIDASEngineException{
String metadata="invalid metadata";