| author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2017-01-27 23:14:03 +0100 | 
|---|---|---|
| committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2017-01-27 23:14:03 +0100 | 
| commit | f6f2512c90058f677ceee99c4aae9ddfaa54ed3a (patch) | |
| tree | d0323229f91b7379bfd546f472fb563a265a7ddb /id/server/modules | |
| parent | 1bfe0985454ecd361bd345cd712506c66d5dbd40 (diff) | |
add MOA specific eIDAS engine.
Diffstat (limited to 'id/server/modules')
2 files changed, 92 insertions, 0 deletions
|
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAProtocolEngine.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAProtocolEngine.java
new file mode 100644
index 000000000..d8fcd1694
--- /dev/null
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAProtocolEngine.java
@@ -0,0 +1,68 @@
+package at.gv.egovernment.moa.id.auth.modules.eidas.engine;
+
+import java.security.cert.X509Certificate;
+
+import org.apache.commons.lang3.StringUtils;
+import org.opensaml.saml2.core.Response;
+
+import at.gv.egovernment.moa.logging.Logger;
+import eu.eidas.auth.commons.EidasErrorKey;
+import eu.eidas.auth.commons.protocol.IAuthenticationRequest;
+import eu.eidas.auth.engine.ProtocolEngine;
+import eu.eidas.auth.engine.configuration.ProtocolConfigurationAccessor;
+import eu.eidas.auth.engine.xml.opensaml.SAMLEngineUtils;
+import eu.eidas.engine.exceptions.EIDASSAMLEngineException;
+
+public class MOAProtocolEngine extends ProtocolEngine {
+
+	public MOAProtocolEngine(ProtocolConfigurationAccessor configurationAccessor) {
+		super(configurationAccessor);
+
+	}
+
+//	@Override
+//	protected X509Certificate getEncryptionCertificate(String requestIssuer,
+//			String destinationCountryCode) throws EIDASSAMLEngineException {
+//		if ((StringUtils.isNotBlank(destinationCountryCode)) && (null != getProtocolEncrypter())
+//				&& (getProtocolEncrypter().isEncryptionEnabled(destinationCountryCode))) {
+//			X509Certificate encryptionCertificate = getProtocolProcessor().getEncryptionCertificate(requestIssuer);
+//			
+//			if (null == encryptionCertificate) {
+//				return getProtocolEncrypter().getEncryptionCertificate(destinationCountryCode);
+//				
+//			}
+//			return encryptionCertificate;
+//		}
+//		return null;
+//	}
+//	
+//	@Override
+//	protected Response signResponse(IAuthenticationRequest request, Response response)
+//			throws EIDASSAMLEngineException {
+//		Response responseToSign = response;
+//
+//		if ((null != getProtocolEncrypter()) && (!(SAMLEngineUtils.isErrorSamlResponse(responseToSign)))) {
+//			X509Certificate destinationCertificate = getEncryptionCertificate(request.getIssuer(),
+//					request.getOriginCountryCode());
+//
+//			if (null != destinationCertificate) {
+//				responseToSign = getProtocolEncrypter().encryptSamlResponse(responseToSign, destinationCertificate);
+//				
+//			} else if (getProtocolEncrypter().isEncryptionEnabled(request.getOriginCountryCode())) {
+////				Logger.error(SAML_EXCHANGE,
+////						"BUSINESS EXCEPTION : encryption cannot be performed, no matching certificate for issuer="
+////								+ request.getIssuer() + " and country=" + request.getOriginCountryCode());
+//
+//				throw new EIDASSAMLEngineException(EidasErrorKey.SAML_ENGINE_INVALID_CERTIFICATE.errorCode(),
+//						EidasErrorKey.SAML_ENGINE_INVALID_CERTIFICATE.errorMessage());
+//			}
+//
+//		} else if (!(SAMLEngineUtils.isErrorSamlResponse(responseToSign))) {
+//			checkSendingUnencryptedResponsesAllowed();
+//			
+//		}
+//
+//		Logger.debug("Signing SAML Response.");
+//		return ((Response) getSigner().sign(responseToSign));
+//	}
+}
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAProtocolEngineFactory.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAProtocolEngineFactory.java
index f29d2bb65..75a2c059c 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAProtocolEngineFactory.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAProtocolEngineFactory.java
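Review bot: Both overrides in the new MOAProtocolEngine, `getEncryptionCertificate` and `signResponse`, are committed commented out, so the class adds only a pass-through constructor, and eight of its ten imports (`X509Certificate`, `StringUtils`, `Response`, `Logger`, `EidasErrorKey`, `IAuthenticationRequest`, `SAMLEngineUtils`, `EIDASSAMLEngineException`) are referenced only from the disabled block. Because that block decides which certificate a SAML response is encrypted to and when an unencrypted response is allowed, the intent should be stated rather than left as dead code: drop the block and the unused imports, or add a class comment such as `/** MOA-ID eIDAS engine; currently behaves like ProtocolEngine, the encryption and signing overrides are disabled. */`. Inside the disabled `signResponse`, the `Logger.error(...)` for a missing encryption certificate is commented out a second time (`////`), so re-enabling the method as written would throw `SAML_ENGINE_INVALID_CERTIFICATE` without logging the issuer or country that failed. The same pattern recurs in both MOAProtocolEngineFactory.java hunks, where the added imports are used only by a commented-out `createProtocolEngine`.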
@@ -23,10 +23,17 @@
 package at.gv.egovernment.moa.id.auth.modules.eidas.utils;
 import at.gv.egovernment.moa.id.auth.modules.eidas.config.MOAIDCertificateManagerConfigurationImpl;
+import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAProtocolEngine;
 import at.gv.egovernment.moa.logging.Logger;
+import eu.eidas.auth.engine.AbstractProtocolEngine;
 import eu.eidas.auth.engine.ProtocolEngineFactory;
+import eu.eidas.auth.engine.ProtocolEngineI;
+import eu.eidas.auth.engine.SamlEngineClock;
+import eu.eidas.auth.engine.configuration.FixedProtocolConfigurationAccessor;
+import eu.eidas.auth.engine.configuration.ProtocolEngineConfiguration;
 import eu.eidas.auth.engine.configuration.SamlEngineConfigurationException;
 import eu.eidas.auth.engine.configuration.dom.ProtocolEngineConfigurationFactory;
+import eu.eidas.auth.engine.core.ProtocolProcessorI;
 import eu.eidas.samlengineconfig.CertificateConfigurationManager;
 /**
@@ -95,5 +102,22 @@ public class MOAProtocolEngineFactory extends ProtocolEngineFactory {
 	}
+//	public static ProtocolEngineI createProtocolEngine(String instanceName,
+//			ProtocolEngineConfigurationFactory protocolEngineConfigurationFactory,
+//			ProtocolProcessorI protocolProcessor, SamlEngineClock samlEngineClock)
+//					throws SamlEngineConfigurationException {
+//	
+//		ProtocolEngineConfiguration preConfiguration = protocolEngineConfigurationFactory
+//				.getConfiguration(instanceName);
+//
+//		protocolProcessor.configure();
+//
+//		ProtocolEngineConfiguration configuration = ProtocolEngineConfiguration.builder(preConfiguration)
+//				.protocolProcessor(protocolProcessor).clock(samlEngineClock).build();
+//
+//		ProtocolEngineI samlEngine = new MOAProtocolEngine(new FixedProtocolConfigurationAccessor(configuration));
+//
+//		return samlEngine;
+//	}
 }
|
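Review bot: In the `@@ -95,5 +102,22 @@` hunk the only visible construction of `MOAProtocolEngine` sits inside the commented-out `createProtocolEngine`, so nothing in this diff instantiates the new engine; the rest of the factory lies outside the hunk and may differ. If the method is enabled later, note that it is declared `static`: should `ProtocolEngineFactory` declare a static method with the same signature, this one would hide it rather than override it, and callers that go through the parent type would still receive the stock engine, so the call sites need checking. A one-line comment above the block, for example `// disabled: MOAProtocolEngine is not wired in yet`, would make the current state explicit. `AbstractProtocolEngine`, imported in the first hunk of this file, is not referenced even by the commented code.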
