aboutsummaryrefslogtreecommitdiff
path: root/id/server
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2018-06-07 12:16:39 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2018-06-07 12:16:39 +0200
commitf807371b592e95511bb87c4a1ee2819e835663fc (patch)
tree1aabc971f583ff2674b272325e31aefbb7891040 /id/server
parentebd93e9389e630450e5b052a18a6a6fc8d05f611 (diff)
downloadmoa-id-spss-f807371b592e95511bb87c4a1ee2819e835663fc.tar.gz
moa-id-spss-f807371b592e95511bb87c4a1ee2819e835663fc.tar.bz2
moa-id-spss-f807371b592e95511bb87c4a1ee2819e835663fc.zip
some more refactoring stuff
Diffstat (limited to 'id/server')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java7
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java820
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java21
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java5
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java2
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java7
-rw-r--r--id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DateTimeUtilsTest.java3
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java2
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java5
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java3
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java2
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java11
13 files changed, 46 insertions, 844 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index e72780cab..fdf806f78 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -47,9 +47,9 @@ import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IAuthenticationDataBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.auth.exception.DynamicOABuildException;
@@ -58,6 +58,7 @@ import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute;
import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
@@ -100,7 +101,7 @@ import iaik.x509.X509Certificate;
*
*/
@Service("AuthenticationDataBuilder")
-public class AuthenticationDataBuilder extends MOAIDAuthConstants {
+public class AuthenticationDataBuilder extends MOAIDAuthConstants implements IAuthenticationDataBuilder{
@Autowired private IAuthenticationSessionStoreage authenticatedSessionStorage;
@Autowired protected AuthConfiguration authConfig;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
index a43e6a7fb..7f47d3dfe 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
@@ -51,13 +51,13 @@ import java.util.Calendar;
import java.util.List;
import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.impl.utils.DateTimeUtils;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameterDecorator;
import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DateTimeUtils;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.StringUtils;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
deleted file mode 100644
index 14d78c88e..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
+++ /dev/null
@@ -1,820 +0,0 @@
-/**
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-package at.gv.egovernment.moa.id.data;
-
-import java.io.Serializable;
-import java.text.DateFormat;
-import java.text.ParseException;
-import java.text.SimpleDateFormat;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.List;
-import java.util.Map;
-
-import org.apache.commons.collections4.map.HashedMap;
-import org.w3c.dom.Element;
-
-import at.gv.egiz.eaaf.core.api.idp.IAuthData;
-import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
-import at.gv.egovernment.moa.id.commons.api.data.IMISMandate;
-import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException;
-import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
-import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption;
-import at.gv.egovernment.moa.id.util.PVPtoSTORKMapper;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.DateTimeUtils;
-import at.gv.egovernment.moa.util.MiscUtil;
-
-/**
- * @author tlenz
- *
- */
-public class AuthenticationData implements IAuthData, Serializable {
-
- private static final long serialVersionUID = -1042697056735596866L;
- public static final String IDENTITY_LINK_DATE_FORMAT = "yyyy-MM-dd";
-
- /**
- * URL of the MOA-ID Auth component issueing this assertion
- */
- private String issuer;
- /**
- * time instant of issue of this assertion
- */
- private Date issueInstant;
- /**
- * user identification value (Stammzahl); <code>null</code>,
- * if the authentication module is configured not to return this data
- */
- private String identificationValue;
- /**
- * user identification type
- */
- private String identificationType;
-
- /**
- * user identityLink specialized to OAParamter
- */
- private IIdentityLink identityLink;
-
- /**
- * application specific user identifier (bPK/wbPK)
- */
- private String bPK;
-
- /**
- * application specific user identifier type
- */
- private String bPKType;
-
- /**
- * given name of the user
- */
- private String givenName;
- /**
- * family name of the user
- */
- private String familyName;
- /**
- * date of birth of the user
- */
- private Date dateOfBirth;
- /**
- * says whether the certificate is a qualified certificate or not
- */
- private boolean qualifiedCertificate;
- /**
- * says whether the certificate is a public authority or not
- */
- private boolean publicAuthority;
- /**
- * public authority code (Beh&ouml;rdenkennzeichen - BKZ)
- */
- private String publicAuthorityCode;
-
- /**
- * URL of the BKU
- */
- private String bkuURL;
- /**
- * the corresponding <code>lt;saml:Assertion&gt;</code>
- */
-
- private boolean isBaseIDTransferRestrication = true;
-
-
- /**
- * STORK attributes from response
- */
- private String ccc = null;
-
- private Map<String, Object> genericDataStorate = new HashedMap<String, Object>();
-
- private byte[] signerCertificate = null;
-
- private String authBlock = null;
- private List<String> encbPKList = null;
-
- //ISA 1.18 attributes
- private List<AuthenticationRole> roles = null;
- private String pvpAttribute_OU = null;
-
- private boolean useMandate = false;
- private IMISMandate mandate = null;
- private String mandateReferenceValue = null;
-
- private boolean foreigner =false;
- private String QAALevel = null;
-
- private boolean ssoSession = false;
- private Date ssoSessionValidTo = null;
-
-// private boolean interfederatedSSOSession = false;
-// private String interfederatedIDP = null;
-
- private String sessionIndex = null;
- private String nameID = null;
- private String nameIDFormat = null;
-
- public AuthenticationData() {
- issueInstant = new Date();
- }
-
- /**
- * Returns the publicAuthority.
- * @return boolean
- */
- public boolean isPublicAuthority() {
- return publicAuthority;
- }
-
- /**
- * Returns the publicAuthorityCode.
- * @return String
- */
- public String getPublicAuthorityCode() {
- return publicAuthorityCode;
- }
-
- /**
- * Returns the qualifiedCertificate.
- * @return boolean
- */
- public boolean isQualifiedCertificate() {
- return qualifiedCertificate;
- }
-
- /**
- * Returns the bPK.
- * @return String
- */
- public String getBPK() {
- return bPK;
- }
-
- /**
- * Sets the publicAuthority.
- * @param publicAuthority The publicAuthority to set
- */
- public void setPublicAuthority(boolean publicAuthority) {
- this.publicAuthority = publicAuthority;
- }
-
- /**
- * Sets the publicAuthorityCode.
- * @param publicAuthorityIdentification The publicAuthorityCode to set
- */
- public void setPublicAuthorityCode(String publicAuthorityIdentification) {
- this.publicAuthorityCode = publicAuthorityIdentification;
- }
-
- /**
- * Sets the qualifiedCertificate.
- * @param qualifiedCertificate The qualifiedCertificate to set
- */
- public void setQualifiedCertificate(boolean qualifiedCertificate) {
- this.qualifiedCertificate = qualifiedCertificate;
- }
-
- /**
- * Sets the bPK.
- * @param bPK The bPK to set
- */
- public void setBPK(String bPK) {
- this.bPK = bPK;
- }
-
- /**
- * Returns the dateOfBirth.
- * @return String
- */
- public Date getDateOfBirth() {
- return dateOfBirth;
- }
-
- public String getFormatedDateOfBirth() {
- DateFormat pvpDateFormat = new SimpleDateFormat(IDENTITY_LINK_DATE_FORMAT);
- if (getDateOfBirth() != null)
- return pvpDateFormat.format(getDateOfBirth());
- else
- return "2999-12-31";
- }
-
- /**
- * Returns the familyName.
- * @return String
- */
- public String getFamilyName() {
- return familyName;
- }
-
- /**
- * Returns the givenName.
- * @return String
- */
- public String getGivenName() {
- return givenName;
- }
-
- /**
- * Holds the baseID of a citizen
- *
- * @return baseID
- */
- public String getIdentificationValue() {
- return identificationValue;
- }
-
- /**
- * Holds the type of the baseID
- *
- * @return baseID-Type
- */
- public String getIdentificationType() {
- return identificationType;
- }
-
- /**
- * Returns the issueInstant.
- * @return String
- */
- public String getIssueInstantString() {
- return DateTimeUtils.buildDateTimeUTC(issueInstant);
-
- }
-
- /**
- * Returns the issueInstant.
- * @return String
- */
- public Date getIssueInstant() {
- return issueInstant;
-
- }
-
- public void setIssueInstant(Date date) {
- this.issueInstant = date;
- }
-
- /**
- * Returns the issuer.
- * @return String
- */
- public String getIssuer() {
- return issuer;
- }
-
- /**
- * Returns the BKU URL.
- * @return String
- */
- public String getBkuURL() {
- return bkuURL;
- }
-
- /**
- * Sets the dateOfBirth.
- * @param dateOfBirth The dateOfBirth to set
- */
- public void setDateOfBirth(Date dateOfBirth) {
- this.dateOfBirth = dateOfBirth;
- }
-
- public void setDateOfBirth(String dateOfBirth) {
- try {
- if (MiscUtil.isNotEmpty(dateOfBirth)) {
- DateFormat identityLinkFormat = new SimpleDateFormat(IDENTITY_LINK_DATE_FORMAT);
- this.dateOfBirth = identityLinkFormat.parse(dateOfBirth);
- }
-
- } catch (ParseException e) {
- Logger.warn("Parse dateOfBirht from IdentityLink FAILED", e);
-
- }
- }
-
- /**
- * Sets the familyName.
- * @param familyName The familyName to set
- */
- public void setFamilyName(String familyName) {
- this.familyName = familyName;
- }
-
- /**
- * Sets the givenName.
- * @param givenName The givenName to set
- */
- public void setGivenName(String givenName) {
- this.givenName = givenName;
- }
-
- /**
- * Sets the identificationValue.
- * @param identificationValue The identificationValue to set
- */
- public void setIdentificationValue(String identificationValue) {
- this.identificationValue = identificationValue;
- }
-
- /**
- * Sets the identificationType.
- * @param identificationType The identificationType to set
- */
- public void setIdentificationType(String identificationType) {
- this.identificationType = identificationType;
- }
-
- /**
- * Sets the issuer.
- * @param issuer The issuer to set
- */
- public void setIssuer(String issuer) {
- this.issuer = issuer;
- }
-
- /**
- * Sets the bkuURL
- * @param url The BKU URL to set
- */
- public void setBkuURL(String url) {
- this.bkuURL = url;
- }
-
- public String getBPKType() {
- return bPKType;
- }
-
- public void setBPKType(String bPKType) {
- this.bPKType = bPKType;
- }
-
- /**
- * @return the identityLink
- */
- public IIdentityLink getIdentityLink() {
- return identityLink;
- }
-
- /**
- * @param identityLink the identityLink to set
- */
- public void setIdentityLink(IIdentityLink identityLink) {
- this.identityLink = identityLink;
- }
-
- /**
- * @return the signerCertificate
- */
- public byte[] getSignerCertificate() {
- return signerCertificate;
- }
-
-
- /**
- * @param signerCertificate the signerCertificate to set
- */
- public void setSignerCertificate(byte[] signerCertificate) {
- this.signerCertificate = signerCertificate;
- }
-
-
- /**
- * @return the authBlock
- */
- public String getAuthBlock() {
- return authBlock;
- }
-
-
- /**
- * @param authBlock the authBlock to set
- */
- public void setAuthBlock(String authBlock) {
- this.authBlock = authBlock;
- }
-
-
- /**
- * @return the mandate
- */
- public IMISMandate getMISMandate() {
- return mandate;
- }
-
- public Element getMandate() {
- if (mandate == null)
- return null;
-
- //parse Element from mandate XML
- try {
- byte[] byteMandate = mandate.getMandate();
- String stringMandate = new String(byteMandate);
- return DOMUtils.parseDocument(stringMandate, false, null, null).getDocumentElement();
-
- }
- catch (Throwable e) {
- Logger.warn("Mandate content could not be generated from MISMandate.");
- return null;
- }
- }
-
-
- /**
- * @param mandate the mandate to set
- */
- public void setMISMandate(IMISMandate mandate) {
- this.mandate = mandate;
- }
-
-
- /**
- * @return the useMandate
- */
- public boolean isUseMandate() {
- return useMandate;
- }
-
-
- /**
- * @param useMandate the useMandate to set
- */
- public void setUseMandate(boolean useMandate) {
- this.useMandate = useMandate;
- }
-
-
- /**
- * @return
- */
- public String getQAALevel() {
- if (this.QAALevel != null &&
- this.QAALevel.startsWith(PVPConstants.EIDAS_QAA_PREFIX)) {
- String mappedQAA = PVPtoSTORKMapper.getInstance().mapeIDASQAAToSTORKQAA(this.QAALevel);
- if (MiscUtil.isNotEmpty(mappedQAA))
- return mappedQAA;
-
- else {
- Logger.error("eIDAS QAA-level:" + this.QAALevel
- + " can not be mapped to STORK QAA-level! Use "
- + PVPConstants.STORK_QAA_1_1 + " as default value.");
- return PVPConstants.STORK_QAA_1_1;
-
- }
-
-
- } else
- return this.QAALevel;
- }
-
-
- public String getEIDASQAALevel() {
- if (this.QAALevel != null &&
- this.QAALevel.startsWith(PVPConstants.STORK_QAA_PREFIX)) {
- String mappedQAA = PVPtoSTORKMapper.getInstance().mapSTORKQAAToeIDASQAA(this.QAALevel);
- if (MiscUtil.isNotEmpty(mappedQAA))
- return mappedQAA;
-
- else {
- Logger.error("STORK QAA-level:" + this.QAALevel
- + " can not be mapped to eIDAS QAA-level! Use "
- + PVPConstants.EIDAS_QAA_LOW + " as default value.");
- return PVPConstants.EIDAS_QAA_LOW;
-
- }
-
-
- } else
- return this.QAALevel;
-
- }
-
-
- /**
- * @return
- */
- public boolean isForeigner() {
- return this.foreigner;
- }
-
-
- /**
- * @param foreigner the foreigner to set
- */
- public void setForeigner(boolean foreigner) {
- this.foreigner = foreigner;
- }
-
-
- /**
- * Store QAA level in eIDAS format to authentication Data
- *
- * @param qAALevel the qAALevel to set
- * @throws AssertionAttributeExtractorExeption
- */
- public void setQAALevel(String qAALevel) {
- QAALevel = qAALevel;
-
- }
-
- /**
- * @return the ssoSession
- */
- public boolean isSsoSession() {
- return ssoSession;
- }
-
-
- /**
- * @param ssoSession the ssoSession to set
- */
- public void setSsoSession(boolean ssoSession) {
- this.ssoSession = ssoSession;
- }
-
- /**
- * @return the mandateReferenceValue
- */
- public String getMandateReferenceValue() {
- return mandateReferenceValue;
- }
-
- /**
- * @param mandateReferenceValue the mandateReferenceValue to set
- */
- public void setMandateReferenceValue(String mandateReferenceValue) {
- this.mandateReferenceValue = mandateReferenceValue;
- }
-
- /**
- * CountryCode of the citizen which is identified and authenticated
- *
- * @return the CountryCode <pre>like. AT, SI, ...</pre>
- */
- public String getCcc() {
- return ccc;
- }
-
- /**
- * @param ccc the ccc to set
- */
- public void setCcc(String ccc) {
- this.ccc = ccc;
- }
-
- /**
- * @return the sessionIndex
- */
- public String getSessionIndex() {
- return sessionIndex;
- }
-
- /**
- * @param sessionIndex the sessionIndex to set
- */
- public void setSessionIndex(String sessionIndex) {
- this.sessionIndex = sessionIndex;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.data.IAuthData#getNameID()
- */
- @Override
- public String getNameID() {
- return this.nameID;
- }
-
- /**
- * @param nameID the nameID to set
- */
- public void setNameID(String nameID) {
- this.nameID = nameID;
- }
-
- /**
- * @return the nameIDFormat
- */
- public String getNameIDFormat() {
- return nameIDFormat;
- }
-
- /**
- * @param nameIDFormat the nameIDFormat to set
- */
- public void setNameIDFormat(String nameIDFormat) {
- this.nameIDFormat = nameIDFormat;
- }
-
-// /**
-// * @return the interfederatedSSOSession
-// */
-// public boolean isInterfederatedSSOSession() {
-// return interfederatedSSOSession;
-// }
-//
-// /**
-// * @param interfederatedSSOSession the interfederatedSSOSession to set
-// */
-// public void setInterfederatedSSOSession(boolean interfederatedSSOSession) {
-// this.interfederatedSSOSession = interfederatedSSOSession;
-// }
-//
-// /**
-// * @return the interfederatedIDP
-// */
-// public String getInterfederatedIDP() {
-// return interfederatedIDP;
-// }
-//
-// /**
-// * @param interfederatedIDP the interfederatedIDP to set
-// */
-// public void setInterfederatedIDP(String interfederatedIDP) {
-// this.interfederatedIDP = interfederatedIDP;
-// }
-
- /**
- * @return the ssoSessionValidTo
- */
- public Date getSsoSessionValidTo() {
- return ssoSessionValidTo;
- }
-
- /**
- * @param ssoSessionValidTo the ssoSessionValidTo to set
- */
- public void setSsoSessionValidTo(Date ssoSessionValidTo) {
- this.ssoSessionValidTo = ssoSessionValidTo;
- }
-
- /**
- * @return the encbPKList
- */
- public List<String> getEncbPKList() {
- return encbPKList;
- }
-
- /**
- * @param encbPKList the encbPKList to set
- */
- public void setEncbPKList(List<String> encbPKList) {
- this.encbPKList = encbPKList;
- }
-
- /**
- * @return the roles
- */
- public List<AuthenticationRole> getAuthenticationRoles() {
-// if (this.roles == null) {
-// this.roles = new ArrayList<AuthenticationRole>();
-// this.roles.add(new AuthenticationRole("xxpvprole", "xxpvprole"));
-// this.roles.add(new AuthenticationRole("yypvprole", "yypvprole"));
-// }
-
- return roles;
- }
-
- //ISA 1.18 attributes
- /**
- * @param roles the roles to set
- */
- public void addAuthenticationRole(AuthenticationRole role) {
- if (this.roles == null)
- this.roles = new ArrayList<AuthenticationRole>();
-
- this.roles.add(role);
- }
-
- /**
- * @return the pvpAttribute_OU
- */
- public String getPvpAttribute_OU() {
- return pvpAttribute_OU;
- }
-
- /**
- * @param pvpAttribute_OU the pvpAttribute_OU to set
- */
- public void setPvpAttribute_OU(String pvpAttribute_OU) {
- this.pvpAttribute_OU = pvpAttribute_OU;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.data.IAuthData#isBusinessService()
- */
- @Override
- public boolean isBaseIDTransferRestrication() {
- return isBaseIDTransferRestrication;
- }
-
- /**
- * @param isBaseIDTransmittionAllowed the isBaseIDTransmittionAllowed to set
- */
- public void setBaseIDTransferRestrication(boolean isBaseIDTransferRestrication) {
- this.isBaseIDTransferRestrication = isBaseIDTransferRestrication;
- }
-
- /**
- * Returns a generic data-object with is stored with a specific identifier
- *
- * @param key The specific identifier of the data object
- * @param clazz The class type which is stored with this key
- * @return The data object or null if no data is found with this key
- */
- public <T> T getGenericData(String key, final Class<T> clazz) {
- if (MiscUtil.isNotEmpty(key)) {
- Object data = genericDataStorate.get(key);
-
- if (data == null)
- return null;
-
- try {
- @SuppressWarnings("unchecked")
- T test = (T) data;
- return test;
-
- } catch (Exception e) {
- Logger.warn("Generic authentication-data object can not be casted to requsted type", e);
- return null;
-
- }
-
- }
-
- Logger.warn("Can not load generic session-data with key='null'");
- return null;
-
- }
-
- /**
- * Store a generic data-object to session with a specific identifier
- *
- * @param key Identifier for this data-object
- * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface
- * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage
- */
- public void setGenericData(String key, Object object) throws SessionDataStorageException {
- if (MiscUtil.isEmpty(key)) {
- Logger.warn("Generic session-data can not be stored with a 'null' key");
- throw new SessionDataStorageException("Generic data can not be stored with a 'null' key", null);
-
- }
-
- if (object != null) {
- if (!Serializable.class.isInstance(object)) {
- Logger.warn("Generic data can only store objects which implements the 'Seralizable' interface");
- throw new SessionDataStorageException("Generic data can only store objects which implements the 'Seralizable' interface", null);
-
- }
- }
-
- if (genericDataStorate.containsKey(key))
- Logger.debug("Overwrite generic data with key:" + key);
- else
- Logger.trace("Add generic data with key:" + key + " to session.");
-
- genericDataStorate.put(key, object);
- }
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index b36b5af30..718f730b0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -28,6 +28,7 @@ import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
@@ -38,6 +39,7 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException;
import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore;
@@ -114,6 +116,25 @@ public class SSOManager {
}
+ protected String createNewSSOSessionCookie(HttpServletRequest req, HttpServletResponse resp,
+ IRequest pendingReq, IAuthenticationSession moaSession) {
+ Logger.debug("Add SSO information to MOASession.");
+
+ //Store SSO information into database
+ String newSSOSessionId = createSSOSessionInformations(moaSession.getSessionID(),
+ pendingReq.getSPEntityId());
+
+ //set SSO cookie to response
+ if (StringUtils.isNotEmpty(newSSOSessionId)) {
+ setSSOSessionID(req, resp, newSSOSessionId);
+
+ } else {
+ deleteSSOSessionID(req, resp);
+
+ }
+
+ return newSSOSessionId;
+ }
public boolean isValidSSOSession(String ssoSessionID, IRequest protocolRequest) throws ConfigurationException, SessionDataStorageException {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index e6298527b..038e384f3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -55,8 +55,8 @@ import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException;
import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
import at.gv.egiz.eaaf.core.exceptions.NoPassivAuthenticationException;
@@ -67,6 +67,7 @@ import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityLogAdapter;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
@@ -100,7 +101,7 @@ import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@Controller
-public class PVP2XProtocol extends AbstractAuthProtocolModulController {
+public class PVP2XProtocol extends AbstractAuthProtocolModulController implements IModulInfo {
@Autowired IDPCredentialProvider pvpCredentials;
@Autowired SAMLVerificationEngineSP samlVerificationEngine;
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java
index 958fb25ce..c56116255 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java
@@ -77,8 +77,6 @@ public class MOAIDConstants {
public static final List<String> ALLOWED_eIDAS_LOA;
public static final List<String> JDBC_DRIVER_NEEDS_WORKAROUND;
- public static final String UNIQUESESSIONIDENTIFIER = "uniqueSessionIdentifier";
-
public static final String eIDAS_LOA_LOW = "http://eidas.europa.eu/LoA/low";
public static final String eIDAS_LOA_SUBSTANTIAL = "http://eidas.europa.eu/LoA/substantial";
public static final String eIDAS_LOA_HIGH = "http://eidas.europa.eu/LoA/high";
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java
index db413b0f5..e816349c8 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java
@@ -26,7 +26,7 @@ package at.gv.egovernment.moa.id.commons.api.data;
* @author tlenz
*
*/
-public interface AuthProzessDataConstants {
+public interface AuthProzessDataConstants extends EAAFConstants {
public static final String GENERIC_PREFIX = "generic_";
@@ -37,10 +37,9 @@ public interface AuthProzessDataConstants {
public static final String FLAG_IS_AUTHENTICATED = "direct_flagIsAuth";
public static final String FLAG_SAMLATTRIBUTEGEBEORWBPK = "direct_SAMLAttributeGebeORwbpk";
-
- public static final String VALUE_CREATED = "direct_created";
+
public static final String VALUE_ISSUEINSTANT = "direct_issueInstant";
- public static final String VALUE_SESSIONID = "direct_sessionId";
+
public static final String VALUE_SIGNER_CERT = "direct_signerCert";
public static final String VALUE_IDENTITYLINK = "direct_idl";
public static final String VALUE_BKUURL = "direct_bkuUrl";
diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DateTimeUtilsTest.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DateTimeUtilsTest.java
index e3468b89f..aed2efff2 100644
--- a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DateTimeUtilsTest.java
+++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DateTimeUtilsTest.java
@@ -31,10 +31,9 @@ import java.util.Date;
import java.util.GregorianCalendar;
import java.util.TimeZone;
+import at.gv.egiz.eaaf.core.impl.utils.DateTimeUtils;
import junit.framework.TestCase;
-import at.gv.egovernment.moa.util.DateTimeUtils;
-
/**
* @author Patrick Peck
* @version $Id$
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index f12ef1994..97f56c6f4 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -28,6 +28,7 @@ import org.xml.sax.SAXException;
import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
+import at.gv.egiz.eaaf.core.impl.utils.DateTimeUtils;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder;
@@ -71,7 +72,6 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.DateTimeUtils;
import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.StringUtils;
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
index 019a61b7c..8ed9e1f2e 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
@@ -43,8 +43,8 @@ import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
@@ -59,6 +59,7 @@ import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASException;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.MOAIDConstants;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -81,7 +82,7 @@ import eu.eidas.engine.exceptions.EIDASSAMLEngineException;
* @author tlenz
*/
@Controller
-public class EIDASProtocol extends AbstractAuthProtocolModulController {
+public class EIDASProtocol extends AbstractAuthProtocolModulController implements IModulInfo {
public static final String NAME = EIDASProtocol.class.getName();
public static final String PATH = "eidas";
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
index 55348b5f8..5acb1c547 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
@@ -18,6 +18,7 @@ import org.springframework.web.bind.annotation.RequestMethod;
import com.google.gson.JsonObject;
import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException;
import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
@@ -34,7 +35,7 @@ import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@Controller
-public class OAuth20Protocol extends AbstractAuthProtocolModulController {
+public class OAuth20Protocol extends AbstractAuthProtocolModulController implements IModulInfo {
public static final String NAME = OAuth20Protocol.class.getName();
public static final String PATH = "id_oauth20";
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
index add6d78e4..2ad19e088 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
@@ -26,6 +26,7 @@ import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
+import at.gv.egiz.eaaf.core.impl.utils.DateTimeUtils;
import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils;
import at.gv.egovernment.moa.id.auth.modules.sl20_auth.Constants;
import at.gv.egovernment.moa.id.auth.modules.sl20_auth.data.VerificationResult;
@@ -41,7 +42,6 @@ import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.DateTimeUtils;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moaspss.logging.Logger;
import iaik.esi.sva.util.X509Utils;
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 19fadb318..8dfe10268 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -35,18 +35,19 @@ import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
+import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
+import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException;
+import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException;
-import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.commons.api.IRequest;
import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.protocols.AbstractAuthProtocolModulController;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
@@ -62,7 +63,7 @@ import at.gv.egovernment.moa.util.URLEncoder;
*/
@Controller
-public class SAML1Protocol extends AbstractAuthProtocolModulController {
+public class SAML1Protocol extends AbstractAuthProtocolModulController implements IModulInfo {
@Autowired private SAML1AuthenticationServer saml1AuthServer;