aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2019-12-11 16:01:38 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2019-12-11 16:01:38 +0100
commite4fa532f93f10115e1f39c97cc96e5950a048884 (patch)
treeb919a752f77a37fbae7407b3864e05b1416c1dcc /id/server/modules
parent84b0604fa11e7f73e3e78b981d628f768a880f35 (diff)
downloadmoa-id-spss-e4fa532f93f10115e1f39c97cc96e5950a048884.tar.gz
moa-id-spss-e4fa532f93f10115e1f39c97cc96e5950a048884.tar.bz2
moa-id-spss-e4fa532f93f10115e1f39c97cc96e5950a048884.zip
update to EAAF-Components 1.0.13.1
Enforce E-ID authentication based on Service-Provider configuration
Diffstat (limited to 'id/server/modules')
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java3
-rw-r--r--id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/EidasCentralAuthModuleImpl.java3
-rw-r--r--id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthModuleImpl.java52
-rw-r--r--id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java3
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java29
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationModulImpl.java3
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java6
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java6
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthModuleImpl.java5
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java3
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java9
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java3
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java3
-rw-r--r--id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java3
-rw-r--r--id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java4
-rw-r--r--id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java6
16 files changed, 73 insertions, 68 deletions
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java
index 1962d6c82..82fb42c32 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java
@@ -3,6 +3,7 @@ package at.gv.egovernment.moa.id.auth.modules.internal;
import org.apache.commons.lang3.StringUtils;
+import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
@@ -18,7 +19,7 @@ public class DefaultCitizenCardAuthModuleImpl implements AuthModule {
}
@Override
- public String selectProcess(ExecutionContext context) {
+ public String selectProcess(ExecutionContext context, IRequest pendingReq) {
//select process if BKU is selected and it is no STORK authentication
boolean performBKUSelection = false;
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/EidasCentralAuthModuleImpl.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/EidasCentralAuthModuleImpl.java
index 821a200c7..53b3f3e1a 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/EidasCentralAuthModuleImpl.java
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/EidasCentralAuthModuleImpl.java
@@ -29,6 +29,7 @@ import javax.annotation.PostConstruct;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
+import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
@@ -64,7 +65,7 @@ public class EidasCentralAuthModuleImpl implements AuthModule {
* @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
*/
@Override
- public String selectProcess(ExecutionContext context) {
+ public String selectProcess(ExecutionContext context, IRequest pendingReq) {
Serializable paramObj = context.get(EidasCentralAuthConstants.HTTP_PARAM_CENTRAL_EIDAS_AUTH_SELECTION);
if (paramObj != null ) {
if (paramObj instanceof String) {
diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthModuleImpl.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthModuleImpl.java
index f4c27e047..85d9d0f76 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthModuleImpl.java
+++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthModuleImpl.java
@@ -29,9 +29,11 @@ import javax.annotation.PostConstruct;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
+import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
import at.gv.egovernment.moa.logging.Logger;
@@ -66,27 +68,37 @@ public class EIDProxyAuthModuleImpl implements AuthModule {
* @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
*/
@Override
- public String selectProcess(ExecutionContext context) {
-
- if (authConfig.getBasicConfigurationBoolean(EIDProxyAuthConstants.CONFIG_PROPS_DISABLE_PROCESS_ENFORCEMENT, false)) {
- Serializable paramObj = context.get(EIDProxyAuthConstants.HTTP_PARAM_EIDPROXY_AUTH_SELECTION);
- if (paramObj != null ) {
- if (paramObj instanceof String) {
- String param = (String)paramObj;
- if (StringUtils.isNotEmpty(param) && Boolean.parseBoolean(param)) {
- Logger.debug("Manually selected E-ID authentication process ");
- return AUTH_PROCESS_NAME;
- }
- }
- }
-
- return null;
-
- }
-
- Logger.trace("Select E-ID authentication process ... ");
- return AUTH_PROCESS_NAME;
+ public String selectProcess(ExecutionContext context, IRequest pendingReq) {
+ if (Boolean.parseBoolean(
+ pendingReq.getServiceProviderConfiguration().getConfigurationValue(
+ MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_DEMO_MODE,
+ String.valueOf(false)))) {
+ Logger.debug("SP: " + pendingReq.getSPEntityId() + " activates E-ID mode.");
+ return AUTH_PROCESS_NAME;
+
+ } else {
+ if (authConfig.getBasicConfigurationBoolean(EIDProxyAuthConstants.CONFIG_PROPS_DISABLE_PROCESS_ENFORCEMENT, true)) {
+ Logger.trace("Disable E-ID enforcment is 'true' ");
+ Serializable paramObj = context.get(EIDProxyAuthConstants.HTTP_PARAM_EIDPROXY_AUTH_SELECTION);
+ if (paramObj != null ) {
+ if (paramObj instanceof String) {
+ String param = (String)paramObj;
+ if (StringUtils.isNotEmpty(param) && Boolean.parseBoolean(param)) {
+ Logger.debug("Manually selected E-ID authentication process ");
+ return AUTH_PROCESS_NAME;
+ }
+ }
+ }
+
+ return null;
+
+ } else {
+ Logger.trace("Select E-ID authentication process ... ");
+ return AUTH_PROCESS_NAME;
+
+ }
+ }
}
/* (non-Javadoc)
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java
index b17f0c121..50f675c6e 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java
@@ -29,6 +29,7 @@ import javax.annotation.PostConstruct;
import org.springframework.beans.factory.annotation.Autowired;
+import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager;
import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
@@ -95,7 +96,7 @@ public class BKAMobileAuthModule implements AuthModule {
* @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
*/
@Override
- public String selectProcess(ExecutionContext context) {
+ public String selectProcess(ExecutionContext context, IRequest pendingReq) {
String spEntityID = (String) context.get(EAAFConstants.PROCESS_ENGINE_SERVICE_PROVIDER_ENTITYID);
String sl20ClientTypeHeader = (String) context.get("SL2ClientType".toLowerCase());
String sl20VDATypeHeader = (String) context.get("X-MOA-VDA".toLowerCase());
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java
index 6efa55ac8..daaf6a0f5 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java
@@ -23,17 +23,13 @@
package at.gv.egovernment.moa.id.auth.modules.eidas;
-import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.IRequestStorage;
-import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
import at.gv.egovernment.moa.id.auth.modules.internal.DefaultCitizenCardAuthModuleImpl;
import at.gv.egovernment.moa.id.protocols.eidas.EIDASData;
-import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
/**
@@ -64,29 +60,14 @@ public class AustrianAuthWitheID4UAuthenticationModulImpl extends DefaultCitizen
* @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
*/
@Override
- public String selectProcess(ExecutionContext context) {
- String selectedProcessID = super.selectProcess(context);
+ public String selectProcess(ExecutionContext context, IRequest pendingReq) {
+ String selectedProcessID = super.selectProcess(context, pendingReq);
if (MiscUtil.isNotEmpty(selectedProcessID)) {
- String pendingReqId = (String)context.get(EAAFConstants.PROCESS_ENGINE_PENDINGREQUESTID);
-
- if (StringUtils.isEmpty(pendingReqId))
- Logger.warn("Process execution context contains NO 'pendingReqId'. Looks very suspect!");
-
- else {
- IRequest pendingReq;
- try {
- pendingReq = requestStore.getPendingRequest(pendingReqId);
- if (pendingReq != null && pendingReq instanceof EIDASData) {
- return "eID4UAttributCollectionAuthentication";
+ if (pendingReq != null && pendingReq instanceof EIDASData) {
+ return "eID4UAttributCollectionAuthentication";
- }
-
- } catch (PendingReqIdValidationException e) {
- Logger.warn("Validation of PendingRequestId FAILED. Reason: " + e.getMessage());
-
- }
-
}
+
}
return selectedProcessID;
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationModulImpl.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationModulImpl.java
index ec042949a..cf9a5cc60 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationModulImpl.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationModulImpl.java
@@ -24,6 +24,7 @@ package at.gv.egovernment.moa.id.auth.modules.eidas;
import org.apache.commons.lang3.StringUtils;
+import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
@@ -52,7 +53,7 @@ public class eIDASAuthenticationModulImpl implements AuthModule {
* @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
*/
@Override
- public String selectProcess(ExecutionContext context) {
+ public String selectProcess(ExecutionContext context, IRequest pendingReq) {
if (StringUtils.isNotBlank((String) context.get("ccc")) ||
StringUtils.isNotBlank((String) context.get("CCC")))
return "eIDASAuthentication";
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java
index a1d6bb225..e879fd95b 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java
@@ -32,7 +32,7 @@ import org.springframework.stereotype.Service;
import at.gv.egiz.components.spring.api.IDestroyableObject;
import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing;
import at.gv.egiz.eaaf.core.api.IPostStartupInitializable;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider;
import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.MetadataFilterChain;
@@ -52,7 +52,7 @@ import eu.eidas.auth.engine.AbstractProtocolEngine;
public class MOAeIDASChainingMetadataProvider extends SimpleMetadataProvider implements ObservableMetadataProvider,
IGarbageCollectorProcessing, IDestroyableObject, IRefreshableMetadataProvider, IPostStartupInitializable{
- @Autowired(required=true) IConfiguration basicConfig;
+ @Autowired(required=true) IConfigurationWithSP basicConfig;
private Timer timer = null;
@@ -82,7 +82,7 @@ public class MOAeIDASChainingMetadataProvider extends SimpleMetadataProvider imp
protected void initializeEidasMetadataFromFileSystem() throws ConfigurationException {
try {
- Map<String, String> metadataToLoad = authConfig.getBasicConfigurationWithPrefix(Constants.CONIG_PROPS_EIDAS_METADATA_URLS_LIST_PREFIX);
+ Map<String, String> metadataToLoad = basicConfig.getBasicConfigurationWithPrefix(Constants.CONIG_PROPS_EIDAS_METADATA_URLS_LIST_PREFIX);
if (!metadataToLoad.isEmpty()) {
Logger.info("Load static configurated eIDAS metadata ... ");
for (String metaatalocation : metadataToLoad.values()) {
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java
index ab4179981..3b976b99e 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java
@@ -12,6 +12,7 @@ import org.springframework.stereotype.Component;
import com.google.common.collect.UnmodifiableIterator;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
@@ -43,6 +44,7 @@ public class CollectAddtionalAttributesTask extends AbstractAuthServletTask {
@Autowired private OAuth20AuthAction openIDAuthAction;
@Autowired private ITransactionStorage transactionStorage;
@Autowired private AuthenticationDataBuilder authDataBuilder;
+ @Autowired(required=true) protected IConfigurationWithSP authConfigWithSp;
@Override
public void execute(ExecutionContext context, HttpServletRequest httpReq, HttpServletResponse httpResp)
@@ -102,10 +104,10 @@ public class CollectAddtionalAttributesTask extends AbstractAuthServletTask {
//generate fake OpenID_Connect request
OAuth20AuthRequest fakeOpenIDReq = new OAuth20AuthRequest();
- fakeOpenIDReq.initialize(httpReq, authConfig);
+ fakeOpenIDReq.initialize(httpReq, authConfigWithSp);
fakeOpenIDReq.setSPEntityId(uniqueID);
fakeOpenIDReq.setModule(OAuth20Protocol.NAME);
- fakeOpenIDReq.setOnlineApplicationConfiguration(authConfig.getServiceProviderConfiguration(uniqueID));
+ fakeOpenIDReq.setOnlineApplicationConfiguration(authConfigWithSp.getServiceProviderConfiguration(uniqueID));
fakeOpenIDReq.setScope("openId profile");
//populate with SessionData
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthModuleImpl.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthModuleImpl.java
index 0d460f293..a0aa45794 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthModuleImpl.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthModuleImpl.java
@@ -25,6 +25,7 @@ package at.gv.egovernment.moa.id.auth.modules.elgamandates;
import org.springframework.beans.factory.annotation.Autowired;
+import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egovernment.moa.id.auth.modules.internal.DefaultCitizenCardAuthModuleImpl;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
@@ -52,8 +53,8 @@ public class ELGAMandatesAuthModuleImpl extends DefaultCitizenCardAuthModuleImpl
}
@Override
- public String selectProcess(ExecutionContext context) {
- String selectedProcessID = super.selectProcess(context);
+ public String selectProcess(ExecutionContext context, IRequest pendingReq) {
+ String selectedProcessID = super.selectProcess(context, pendingReq);
//check if BKU authentication is selected and ELGA-MandateService is configurated
if (MiscUtil.isNotEmpty(selectedProcessID)) {
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
index 9cceea7d5..8ef33381f 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
@@ -32,6 +32,7 @@ import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.StringUtils;
import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
@@ -60,7 +61,7 @@ abstract class OAuth20BaseRequest extends RequestImpl {
return param;
}
- protected void populateParameters(final HttpServletRequest request, IConfiguration authConfig) throws OAuth20Exception {
+ protected void populateParameters(final HttpServletRequest request, IConfigurationWithSP authConfig) throws OAuth20Exception {
// moa id - load oa with client id!
try {
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
index 9c2d47ca7..9142210c8 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
@@ -29,7 +29,7 @@ import javax.annotation.PostConstruct;
import org.springframework.beans.factory.annotation.Autowired;
-import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
@@ -77,11 +77,8 @@ public class SL20AuthenticationModulImpl implements AuthModule {
* @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
*/
@Override
- public String selectProcess(ExecutionContext context) {
- ISPConfiguration spConfig = (ISPConfiguration) context.get(EAAFConstants.PROCESSCONTEXT_SP_CONFIG);
-// if (spConfigObj != null && spConfigObj instanceof IOAAuthParameters)
-// spConfig = (IOAAuthParameters)spConfigObj;
-
+ public String selectProcess(ExecutionContext context, IRequest pendingReq) {
+ ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration();
String sl20ClientTypeHeader = (String) context.get(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE.toLowerCase());
String sl20VDATypeHeader = (String) context.get(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE.toLowerCase());
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
index a0b759ced..9c74a3cdb 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
@@ -55,6 +55,7 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
@Autowired(required=true) private IJOSETools joseTools;
@Autowired private AuthConfiguration moaAuthConfig;
+
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
throws TaskExecutionException {
@@ -211,7 +212,7 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
private String extractVDAURLForSpecificOA(ISPConfiguration oaConfig, ExecutionContext executionContext) {
String spSpecificVDAEndpoints = oaConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS);
- Map<String, String> endPointMap = authConfig.getBasicConfigurationWithPrefix(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST);
+ Map<String, String> endPointMap = moaAuthConfig.getBasicConfigurationWithPrefix(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST);
if (MiscUtil.isNotEmpty(spSpecificVDAEndpoints)) {
endPointMap.putAll(KeyValueUtils.convertListToMap(
KeyValueUtils.getListOfCSVValues(
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java
index b9d08a20f..2d7e209ca 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java
@@ -22,6 +22,7 @@
*/
package at.gv.egovernment.moa.id.auth.modules.ssotransfer;
+import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
@@ -53,7 +54,7 @@ public class SSOTransferAuthModuleImpl implements AuthModule{
* @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
*/
@Override
- public String selectProcess(ExecutionContext context) {
+ public String selectProcess(ExecutionContext context, IRequest pendingReq) {
Object restoreSSOSessionObj = context.get("restoreSSOSession");
if (restoreSSOSessionObj != null && restoreSSOSessionObj instanceof String) {
boolean restoreSSOSession = (boolean) Boolean.parseBoolean((String)restoreSSOSessionObj);
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java
index 4068d2d99..e50836712 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java
@@ -22,6 +22,7 @@
*/
package at.gv.egovernment.moa.id.auth.modules.federatedauth;
+import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
@@ -45,7 +46,7 @@ public class FederatedAuthenticationModuleImpl implements AuthModule {
* @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
*/
@Override
- public String selectProcess(ExecutionContext context) {
+ public String selectProcess(ExecutionContext context, IRequest pendingReq) {
//select interfederation authentication if PERFORM_INTERFEDERATION_AUTH flag is set
Object performfedAuthObj = context.get(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_INTERFEDERATION_AUTH);
if (performfedAuthObj != null && performfedAuthObj instanceof Boolean) {
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java
index d0d97e9e8..a798679d7 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java
@@ -36,6 +36,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import at.gv.egiz.eaaf.core.api.data.ILoALevelMapper;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
@@ -64,6 +65,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask {
@Autowired FederatedAuthCredentialProvider credential;
@Autowired(required=true) MOAMetadataProvider metadataProvider;
@Autowired(required=true) ILoALevelMapper loaMapper;
+ @Autowired(required=true) protected IConfigurationWithSP authConfigWithSp;
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
@@ -82,7 +84,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask {
}
//load IDP configuration from MOA-ID Configuration
- IOAAuthParameters idpConfig = authConfig.getServiceProviderConfiguration(idpEntityID, IOAAuthParameters.class);
+ IOAAuthParameters idpConfig = authConfigWithSp.getServiceProviderConfiguration(idpEntityID, IOAAuthParameters.class);
//validate IDP
if (!idpConfig.isInderfederationIDP() || !idpConfig.isInboundSSOInterfederationAllowed()) {
Logger.info("Requested interfederation IDP " + idpEntityID + " is not valid for interfederation.");
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
index 6b6d1a196..7dce22d81 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
@@ -42,6 +42,7 @@ import org.opensaml.xml.security.SecurityException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
@@ -94,6 +95,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
@Autowired private AuthenticationDataBuilder authDataBuilder;
@Autowired(required=true) MOAMetadataProvider metadataProvider;
@Autowired(required=true) protected IAuthenticationSessionStoreage authenticatedSessionStorage;
+ @Autowired(required=true) protected IConfigurationWithSP authConfigWithSp;
/* (non-Javadoc)
@@ -150,7 +152,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
PVPSProfileResponse processedMsg = preProcessAuthResponse((PVPSProfileResponse) msg);
//load IDP and SP configuration
- IOAAuthParameters idpConfig = authConfig.getServiceProviderConfiguration(msg.getEntityID(), IOAAuthParameters.class);
+ IOAAuthParameters idpConfig = authConfigWithSp.getServiceProviderConfiguration(msg.getEntityID(), IOAAuthParameters.class);
IOAAuthParameters spConfig = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
//check if response Entity is valid
@@ -224,7 +226,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
if (msg != null) {
IOAAuthParameters idpConfig = null;
try {
- idpConfig = authConfig.getServiceProviderConfiguration(msg.getEntityID(), IOAAuthParameters.class);
+ idpConfig = authConfigWithSp.getServiceProviderConfiguration(msg.getEntityID(), IOAAuthParameters.class);
//remove federated IDP from SSO session if exists
ssoManager.removeInterfederatedSSOIDP(msg.getEntityID(), request);