add SP specific configuration for SL2.0

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2018-06-25 13:22:20 +0200
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2018-06-25 13:22:20 +0200
commit: 30e324851d67bd900471457e3c30a19b4073ec77 (patch)
tree: 26dc86ca4bee05522dd2eff7ea5dfcbe626d68af /id
parent: 55f71502a0b62624d5ebc0e4aa749b3f5d5a0bf2 (diff)
download: moa-id-spss-30e324851d67bd900471457e3c30a19b4073ec77.tar.gz
moa-id-spss-30e324851d67bd900471457e3c30a19b4073ec77.tar.bz2
moa-id-spss-30e324851d67bd900471457e3c30a19b4073ec77.zip
16 files changed, 366 insertions, 47 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
index ad99f5d22..2f51e68b4 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
@@ -85,6 +85,11 @@ public class OAAuthenticationData implements IOnlineApplicationData {
 	private boolean useTestIDLValidationTrustStore = false;
 	private boolean useTestAuthblockValidationTrustStore = false;
 	
+	
+	//SL2.0
+	private boolean sl20Active = false;
+	private String sl20EndPoints = null;
+	
 	/**
 	 * 
 	 */
@@ -253,6 +258,29 @@ public class OAAuthenticationData implements IOnlineApplicationData {
 			useTestIDLValidationTrustStore = oaauth.getTestCredentials().isUseTestIDLTrustStore();		
 		}
 		
+		//parse SL2.0 information
+		if (oaauth.isSl20Active()) {
+			//parse SL2.0 endpoint information
+			if (oaauth.getSl20EndPoints() != null) {
+				if (KeyValueUtils.isCSVValueString(oaauth.getSl20EndPoints()))
+					sl20EndPoints = KeyValueUtils.normalizeCSVValueString(oaauth.getSl20EndPoints());
+				
+				else {
+					if (oaauth.getSl20EndPoints().contains(KeyValueUtils.CSV_DELIMITER)) {
+						//remove trailing comma if exist
+						sl20EndPoints = oaauth.getSl20EndPoints().substring(0, 
+								oaauth.getSl20EndPoints().indexOf(KeyValueUtils.CSV_DELIMITER));
+													
+					} else
+						sl20EndPoints = oaauth.getSl20EndPoints();
+					
+				}
+			}
+			sl20Active = oaauth.isSl20Active();
+			
+		}
+		
+		
 		return null;
 		
 	}
@@ -392,7 +420,10 @@ public class OAAuthenticationData implements IOnlineApplicationData {
         testing.setUseTestIDLTrustStore(useTestIDLValidationTrustStore);
         
         
-        
+        //store SL2.0 information
+        authoa.setSl20Active(isSl20Active());        
+        authoa.setSl20EndPoints(getSl20EndPoints());
+                
         return null;
 	}
 
@@ -768,6 +799,28 @@ public class OAAuthenticationData implements IOnlineApplicationData {
 	public List<String> getSzrgwServicesList() {
 		return szrgwServicesList;
 	}
+
+	
+	public boolean isSl20Active() {
+		return sl20Active;
+	}
+
+	public void setSl20Active(boolean sl20Active) {
+		this.sl20Active = sl20Active;
+	}
+
+	public String getSl20EndPoints() {
+		return sl20EndPoints;
+	}
+
+	public void setSl20EndPoints(String sl20EndPoints) {
+		if (MiscUtil.isNotEmpty(sl20EndPoints))
+			this.sl20EndPoints = 
+				KeyValueUtils.removeAllNewlineFromString(sl20EndPoints);
+		else
+			this.sl20EndPoints = sl20EndPoints;
+	}
 		
 	
+	
 }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
index a758088b1..32ef4a6cc 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
@@ -31,6 +31,7 @@ import javax.servlet.http.HttpServletRequest;
 import org.apache.log4j.Logger;
 
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
 import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
 import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData;
 import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
@@ -187,7 +188,65 @@ public class OAAuthenticationDataValidation {
 			
 			
 		}
-				
+		
+		if (form.isSl20Active()) {
+			if (MiscUtil.isNotEmpty(form.getSl20EndPoints())) {
+				log.debug("Validate SL2.0 configuration ... ");				
+				List<String> sl20Endpoints = KeyValueUtils.getListOfCSVValues(form.getSl20EndPoints());
+				if (sl20Endpoints.size() == 1) {
+					String value = sl20Endpoints.get(0);
+					
+					if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && 
+							value.contains(KeyValueUtils.KEYVVALUEDELIMITER)) {
+						log.warn("SL2.0 endpoint '" + value + "' has wrong format");
+						errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", 
+							new Object[] {value}, request ));
+												
+					} else if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && 
+							!value.contains(KeyValueUtils.KEYVVALUEDELIMITER) ) {
+						log.info("Find one SL2.0 endpoint without 'default='. Start update ... ");
+						form.setSl20EndPoints(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER + value);	
+						
+					}
+					
+				} else {
+					boolean findDefault = false;
+					for (String el : sl20Endpoints) {
+						if (!el.contains(KeyValueUtils.KEYVVALUEDELIMITER)) {
+							log.warn("SL2.0 endpoint '" + el + "' has wrong format");
+							errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", 
+								new Object[] {el}, request ));
+							
+						} else {
+							if (el.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER)) {
+								log.debug("Find default endpoint.");
+								findDefault = true;
+								
+							} else {
+								String firstPart = el.split(KeyValueUtils.KEYVVALUEDELIMITER)[0];
+								try {	
+									Integer.valueOf(firstPart);
+									
+								} catch (NumberFormatException e) {
+									log.warn("SL2.0 endpoint '" + el + "' has wrong format", e);
+									errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", 
+											new Object[] {el}, request ));
+									
+								}																										
+							}							
+						}
+					}
+					
+					if (!findDefault) {
+						log.warn("SL2.0 endpoints contains NO default endpoint");
+						errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.default", 
+								new Object[] {}, request ));
+						
+					}
+				}								
+			}			
+		}
+		
 		return errors;
 	}
 }
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
index 2006625ff..047d4b200 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
@@ -562,3 +562,11 @@ validation.general.form.appletredirecttarget=Der RedirectTarget beinhaltet einen
 validation.general.form.fonttype=Der BKU-Auswahl Schrifttyp enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
 validation.general.form.applet.width=Die Appleth\u00F6he ist keine g\\u00FCltige Zahl.
 validation.general.form.applet.height=Die Appletbreite ist keine g\\u00FCltige Zahl.
+
+
+###new
+webpages.oaconfig.general.sl20.header=Security Layer f�r mobile Authententifizierung
+webpages.oaconfig.general.sl20.enable=SL2.0 aktivieren
+webpages.oaconfig.general.sl20.endpoints=VDA Endpunkt URLs
+validation.general.sl20.endpoints.default=SL2.0 Endpunkt beinhaltet keinen 'default' Endpunkt.
+validation.general.sl20.endpoints.wrong=SL2.0 Endpunkt ist ung\\u00FCltig formatiert {0}.  
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
index 694294df7..43fa0f3ae 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
@@ -559,3 +559,11 @@ validation.general.form.appletredirecttarget=RedirectTarget contains invalud val
 validation.general.form.fonttype=Font type for CCE selection contains forbidden characters. The following characters are not allowed\: {0}
 validation.general.form.applet.width=The height of applet is invalid number.
 validation.general.form.applet.height=The width of applet is invalid number.
+
+
+###new
+webpages.oaconfig.general.sl20.header=Security Layer for mobile Authentication
+webpages.oaconfig.general.sl20.enable=Activate SL2.0
+webpages.oaconfig.general.sl20.endpoints=VDA endPoint URLs
+validation.general.sl20.endpoints.default=SL2.0 endpoint contains NO 'default'.
+validation.general.sl20.endpoints.wrong=SL2.0 endpoint {0} is not valid.  
+\ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp
index 59661091b..d2668e264 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp
@@ -68,6 +68,27 @@
 				</s:if>	
 
 				<div class="oa_config_block">
+						<h3><%=LanguageHelper.getGUIString("webpages.oaconfig.general.sl20.header", request) %></h3>
+						<s:checkbox name="authOA.sl20Active" 
+								value="%{authOA.sl20Active}"
+								labelposition="left"
+								key="webpages.oaconfig.general.sl20.enable"
+								cssClass="checkbox">
+						</s:checkbox>
+						
+						<s:textarea name="authOA.sl20EndPoints" 
+									value="%{authOA.sl20EndPoints}" 
+									labelposition="left"
+									key="webpages.oaconfig.general.sl20.endpoints"
+									cssClass="textfield_long"
+									rows="3"								
+									requiredLabel="true"
+									style="height:120px;">								
+						</s:textarea>							
+				</div>
+
+
+				<div class="oa_config_block">
 						<h3><%=LanguageHelper.getGUIString("webpages.oaconfig.general.testing.header", request) %></h3>
 						
 						
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java
index 25855dcb6..956d07c44 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java
@@ -279,6 +279,82 @@ public class ServicesAuthenticationInformationTask extends AbstractTaskValidator
 					LanguageHelper.getErrorString("validation.general.szrgw.url.valid", new Object[]{check})));
 		}
 		
+		
+		
+		
+		
+		
+		check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS);
+		if (input.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED) != null && 
+				Boolean.valueOf(input.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED))) {
+			if (MiscUtil.isNotEmpty(check)) {
+				log.debug("Validate SL2.0 configuration ... ");				
+				List<String> sl20Endpoints = KeyValueUtils.getListOfCSVValues(check);
+				if (sl20Endpoints.size() == 1) {
+					String value = sl20Endpoints.get(0);
+					
+					if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && 
+							value.contains(KeyValueUtils.KEYVVALUEDELIMITER)) {
+						log.warn("SL2.0 endpoint '" + value + "' has wrong format");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, 
+								"SL2.0 - EndPoint URLs",
+								LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", new Object[]{value})));
+																				
+					} else if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && 
+							!value.contains(KeyValueUtils.KEYVVALUEDELIMITER) ) {
+						log.info("Find one SL2.0 endpoint without 'default='. Start updateing ... ");
+						sl20Endpoints.remove(0);
+						sl20Endpoints.add(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER + value);	
+						
+					}
+					
+				} else {
+					boolean findDefault = false;
+					for (String el : sl20Endpoints) {
+						if (!el.contains(KeyValueUtils.KEYVVALUEDELIMITER)) {
+							log.warn("SL2.0 endpoint '" + el + "' has wrong format");
+							errors.add(new ValidationObjectIdentifier(
+									MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, 
+									"SL2.0 - EndPoint URLs",
+									LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", new Object[]{el})));
+							
+						} else {
+							if (el.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER)) {
+								log.debug("Find default endpoint.");
+								findDefault = true;
+								
+							} else {
+								String firstPart = el.split(KeyValueUtils.KEYVVALUEDELIMITER)[0];
+								try {	
+									Integer.valueOf(firstPart);
+									
+								} catch (NumberFormatException e) {
+									log.warn("SL2.0 endpoint '" + el + "' has wrong format", e);
+									errors.add(new ValidationObjectIdentifier(
+											MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, 
+											"SL2.0 - EndPoint URLs",
+											LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", new Object[]{el})));
+									
+								}																										
+							}							
+						}
+					}
+					
+					if (!findDefault) {
+						log.warn("SL2.0 endpoints contains NO default endpoint");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, 
+								"SL2.0 - EndPoint URLs",
+								LanguageHelper.getErrorString("validation.general.sl20.endpoints.default", new Object[]{})));
+						
+					}
+				}								
+			}			
+		}
+		
+		
+		
 		if (!errors.isEmpty())
 			throw new ConfigurationTaskValidationException(errors);
 				
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index e093ce1e2..db0170e54 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -476,7 +476,9 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 		try {
 			//put pending-request ID on execurtionContext
 			executionContext.put(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, pendingReq.getRequestID());			
-						
+			executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_SP_CONFIG, pendingReq.getOnlineApplicationConfiguration());
+			
+			
 			// create process instance
 			String processDefinitionId = ModuleRegistration.getInstance().selectProcess(executionContext);
 
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java
index 6f6735d48..58f930590 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java
@@ -190,6 +190,7 @@ public class MOAIDAuthConstants extends MOAIDConstants{
   public static final String PROCESSCONTEXT_ISLEGACYREQUEST = "isLegacyRequest";
   public static final String PROCESSCONTEXT_UNIQUE_OA_IDENTFIER = "uniqueSPId";
   public static final String PROCESSCONTEXT_SSL_CLIENT_CERTIFICATE = MOASESSION_DATA_HOLDEROFKEY_CERTIFICATE;
+  public static final String PROCESSCONTEXT_SP_CONFIG = "spConfig";
   
   //General protocol-request data-store keys
   public static final String AUTHPROCESS_DATA_SECURITYLAYERTEMPLATE = "authProces_SecurityLayerTemplate";
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java
index 332764edf..4e697f099 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java
@@ -22,6 +22,7 @@
  */
 package at.gv.egovernment.moa.id.commons.api;
 
+import java.io.Serializable;
 import java.security.PrivateKey;
 import java.util.Collection;
 import java.util.List;
@@ -37,7 +38,7 @@ import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
  * @author tlenz
  *
  */
-public interface IOAAuthParameters {
+public interface IOAAuthParameters extends Serializable{
 
 	public static final String CONFIG_KEY_RESTRICTIONS_BASEID_INTERNAL = "configuration.restrictions.baseID.idpProcessing";
 	public static final String CONFIG_KEY_RESTRICTIONS_BASEID_TRANSMISSION = "configuration.restrictions.baseID.spTransmission";
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
index 48d64225c..f42c1eb69 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
@@ -181,12 +181,26 @@ public class ConfigurationMigrationUtils {
 			else
 				result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_FOREIGN, StringUtils.EMPTY);
 			
+						
 			//convert selected SZR-GW service
 			if (MiscUtil.isNotEmpty(oa.getSelectedSZRGWServiceURL()))
 				result.put(MOAIDConfigurationConstants.SERVICE_EXTERNAL_SZRGW_SERVICE_URL, oa.getSelectedSZRGWServiceURL());
 			
 	        AuthComponentOA oaauth = oa.getAuthComponentOA();
 			if (oaauth != null) {
+			
+				//convert SL20 infos
+				if (oaauth.isSl20Active() != null)
+					result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED, oaauth.isSl20Active().toString());
+				else
+					result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED, Boolean.FALSE.toString());
+				
+				if (MiscUtil.isNotEmpty(oaauth.getSl20EndPoints()))
+					result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, oaauth.getSl20EndPoints());
+				else
+					result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, StringUtils.EMPTY);
+				
+				
 				
 				//convert business identifier
 				IdentificationNumber idnumber = oaauth.getIdentificationNumber();
@@ -777,6 +791,16 @@ public class ConfigurationMigrationUtils {
 	        	
 	        }
 
+	        //set SL20 things
+	        if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED)))
+	        	authoa.setSl20Active(Boolean.valueOf(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED)));
+	        else 
+	        	authoa.setSl20Active(false);
+	        
+	        authoa.setSl20EndPoints(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS));
+	        
+	        
+	        
 	        dbOA.setSelectedSZRGWServiceURL(oa.get(MOAIDConfigurationConstants.SERVICE_EXTERNAL_SZRGW_SERVICE_URL));
 
 	        dbOA.setMandateServiceSelectionTemplateURL(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_ELGAMANDATESERVICESELECTION_URL));
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
index 8b52e4e0c..9d5553277 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
@@ -84,6 +84,9 @@ public final class MOAIDConfigurationConstants extends MOAIDConstants {
 	public static final String SERVICE_AUTH_BKU_AUTHBLOCKTEXT = AUTH + ".authblock.additionaltext";
 	public static final String SERVICE_AUTH_BKU_AUTHBLOCK_REMOVEBPK = AUTH + ".authblock.removebPK";
 
+	public static final String SERVICE_AUTH_SL20_ENABLED = AUTH + ".sl20.enabled";
+	public static final String SERVICE_AUTH_SL20_ENDPOINTS = AUTH + ".sl20.endpoints";
+	
 	private static final String SERVICE_AUTH_TEMPLATES = AUTH + "." + TEMPLATES;
 	public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA = SERVICE_AUTH_TEMPLATES + ".bkuselection.data";
 	public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW = SERVICE_AUTH_TEMPLATES + ".bkuselection.preview";
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/AuthComponentOA.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/AuthComponentOA.java
index 04efb0afe..852df16e6 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/AuthComponentOA.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/AuthComponentOA.java
@@ -11,23 +11,17 @@ package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated;
 import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.List;
+
 import javax.persistence.CascadeType;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
-import javax.persistence.JoinColumn;
 import javax.persistence.ManyToOne;
 import javax.persistence.OneToMany;
-import javax.persistence.Table;
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlAttribute;
 import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlTransient;
 import javax.xml.bind.annotation.XmlType;
+
 import org.jvnet.jaxb2_commons.lang.Equals;
 import org.jvnet.jaxb2_commons.lang.EqualsStrategy;
 import org.jvnet.jaxb2_commons.lang.HashCode;
@@ -162,6 +156,13 @@ public class AuthComponentOA
     @XmlAttribute(name = "Hjid")
     protected Long hjid;
 
+    
+    @XmlTransient
+    protected Boolean sl20Active;    
+    @XmlTransient
+    protected String sl20EndPoints;
+    
+    
     /**
      * Gets the value of the bkuurls property.
      * 
@@ -522,11 +523,28 @@ public class AuthComponentOA
     
     
     
+    
     public Long getHjid() {
         return hjid;
     }
 
-    /**
+    public Boolean isSl20Active() {
+		return sl20Active;
+	}
+
+	public void setSl20Active(Boolean sl20Active) {
+		this.sl20Active = sl20Active;
+	}
+
+	public String getSl20EndPoints() {
+		return sl20EndPoints;
+	}
+
+	public void setSl20EndPoints(String sl20EndPoints) {
+		this.sl20EndPoints = sl20EndPoints;
+	}
+
+	/**
      * Sets the value of the hjid property.
      * 
      * @param value
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java
index 40ef5a23a..a206c9125 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java
@@ -34,6 +34,7 @@ import java.util.Set;
 
 import org.apache.commons.lang3.StringUtils;
 
+import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 
 /**
@@ -44,6 +45,8 @@ public class KeyValueUtils {
 	
 	public static final String KEY_DELIMITER = ".";
 	public static final String CSV_DELIMITER = ",";
+	public static final String KEYVVALUEDELIMITER = "=";
+	public static final String DEFAULT_VALUE = "default";
 	
 	/**
 	 * Convert Java properties into a Map<String, String>
@@ -328,6 +331,29 @@ public class KeyValueUtils {
 	}
 	
 	/**
+	 * Convert a List of String elements to a Map of Key/Value pairs
+	 * <br>
+	 * Every List element used as a key/value pair and the '=' sign represents the delimiter between key and value 
+	 * 
+	 * @param elements List of key/value elements
+	 * @return Map of Key / Value pairs, but never null
+	 */
+	public static Map<String, String> convertListToMap(List<String> elements) {
+		Map<String, String> map = new HashMap<String, String>();
+		for (String el : elements) {
+			if (el.contains(KEYVVALUEDELIMITER)) {
+				String[] split = el.split(KEYVVALUEDELIMITER);
+				map.put(split[0], split[1]);
+				
+			} else
+				Logger.debug("Key/Value Mapper: '" + el + "' contains NO '='. Ignore it.");
+			
+		}
+		
+		return map;
+	}
+	
+	/**
 	 * This method remove all newline delimiter (\n or \r\n) from input data
 	 * 
 	 * @param value Input String
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/Constants.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/Constants.java
index 9fcb3aa58..f474461bf 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/Constants.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/Constants.java
@@ -6,7 +6,8 @@ public class Constants {
 	public static final String HTTP_ENDPOINT_RESUME = "/sl20/resume";
 	
 	public static final String CONFIG_PROP_PREFIX = "modules.sl20";
-	public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT = CONFIG_PROP_PREFIX + ".vda.urls.qualeID.endpoint";
+	public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID = CONFIG_PROP_PREFIX + ".vda.urls.qualeID.endpoint.";
+	public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT = "default";
 	public static final String CONFIG_PROP_VDA_AUTHBLOCK_ID = CONFIG_PROP_PREFIX + ".vda.authblock.id";
 	public static final String CONFIG_PROP_VDA_AUTHBLOCK_TRANSFORMATION_ID = CONFIG_PROP_PREFIX + ".vda.authblock.transformation.id";	
 	public static final String CONFIG_PROP_SECURITY_KEYSTORE_PATH = CONFIG_PROP_PREFIX + ".security.keystore.path";
@@ -16,7 +17,7 @@ public class Constants {
 	public static final String CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_ALIAS = CONFIG_PROP_PREFIX + ".security.encryption.alias";;
 	public static final String CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_PASSWORD = CONFIG_PROP_PREFIX + ".security.encryption.password";
 	
-	public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST = CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT + ".";
+	public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST = CONFIG_PROP_VDA_ENDPOINT_QUALeID;
 	public static final String CONFIG_PROP_SP_LIST = CONFIG_PROP_PREFIX + ".sp.entityIds.";
 	
 	public static final String CONFIG_PROP_DISABLE_EID_VALIDATION = CONFIG_PROP_PREFIX + ".security.eID.validation.disable";
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
index 367e7b604..2c106b52e 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
@@ -27,15 +27,18 @@ import java.util.List;
 
 import javax.annotation.PostConstruct;
 
-import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 
 import at.gv.egovernment.moa.id.auth.modules.AuthModule;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20Constants;
+import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
 import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
 import at.gv.egovernment.moa.id.process.api.ExecutionContext;
 import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
 
 /**
  * @author tlenz
@@ -75,23 +78,43 @@ public class SL20AuthenticationModulImpl implements AuthModule {
 	 */
 	@Override
 	public String selectProcess(ExecutionContext context) {
+		Object spConfigObj = context.get(MOAIDAuthConstants.PROCESSCONTEXT_SP_CONFIG);
+		IOAAuthParameters spConfig = null;
+		if (spConfigObj != null && spConfigObj instanceof IOAAuthParameters)
+			spConfig = (IOAAuthParameters)spConfigObj;
+					
 		String sl20ClientTypeHeader = (String) context.get(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE.toLowerCase());
 		String sl20VDATypeHeader = (String)  context.get(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE.toLowerCase());
 		
-		if ( StringUtils.isNotBlank(sl20ClientTypeHeader) 
-//				&& (
-//						StringUtils.isNotBlank(sl20VDATypeHeader) 
-//						//&& VDA_TYPE_IDS.contains(sl20VDATypeHeader.trim())
-//				   ) 
-				) {
-			Logger.trace(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE +  "' header found");			
+		if (spConfig != null && 
+				MiscUtil.isNotEmpty(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED)) &&
+					Boolean.valueOf(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED))) {
+			Logger.debug("SL2.0 is enabled for " + spConfig.getPublicURLPrefix());
+			Logger.trace(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE +  ": " + sl20ClientTypeHeader);			
+			Logger.trace(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE +  ": " + sl20VDATypeHeader);
 			return "SL20Authentication";
 			
 		} else {
-			Logger.trace("No '" + SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE +  "' header found");
+			Logger.trace("SL2.0 is NOT enabled for " + spConfig.getPublicURLPrefix());
 			return null;
 			
-		}		
+		}
+		
+		
+//		if ( StringUtils.isNotBlank(sl20ClientTypeHeader) 
+////				&& (
+////						StringUtils.isNotBlank(sl20VDATypeHeader) 
+////						//&& VDA_TYPE_IDS.contains(sl20VDATypeHeader.trim())
+////				   ) 
+//				) {
+//			Logger.trace(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE +  "' header found");			
+//			return "SL20Authentication";
+//			
+//		} else {
+//			Logger.trace("No '" + SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE +  "' header found");
+//			return null;
+//			
+//		}		
 	}
 
 	/* (non-Javadoc)
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
index b87d614c5..883ae07f2 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
@@ -39,7 +39,9 @@ import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20JSONExtractorUti
 import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
 import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
 import at.gv.egovernment.moa.id.commons.utils.HttpClientWithProxySupport;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
 import at.gv.egovernment.moa.id.process.api.ExecutionContext;
 import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
 import at.gv.egovernment.moa.id.util.SSLUtils;
@@ -202,30 +204,22 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
 	}
 	
 	private String extractVDAURLForSpecificOA(IOAAuthParameters oaConfig, ExecutionContext executionContext) {		
+		String spSpecificVDAEndpoints = oaConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS);		
+		Map<String, String> endPointMap = authConfig.getBasicMOAIDConfigurationWithPrefix(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST);
+		if (MiscUtil.isNotEmpty(spSpecificVDAEndpoints)) {
+			endPointMap.putAll(KeyValueUtils.convertListToMap(
+							KeyValueUtils.getListOfCSVValues(
+								KeyValueUtils.normalizeCSVValueString(spSpecificVDAEndpoints))));
+			Logger.debug("Find OA specific SL2.0 endpoints. Updating endPoint list ... ");
+			
+		} 
+		
+		Logger.trace("Find #" + endPointMap.size() + " SL2.0 endpoints ... ");
 		
-		//selection based on EntityID
-//		Map<String, String> listOfVDAs = authConfig.getBasicMOAIDConfigurationWithPrefix(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST);
-//		Map<String, String> listOfSPs = authConfig.getBasicMOAIDConfigurationWithPrefix(Constants.CONFIG_PROP_SP_LIST);
-//		
-//		for (Entry<String, String> el : listOfSPs.entrySet()) {
-//			List<String> spEntityIds = KeyValueUtils.getListOfCSVValues(el.getValue());
-//			if (spEntityIds.contains(oaConfig.getPublicURLPrefix())) {
-//				Logger.trace("Select VDA endPoint with Id: " + el.getKey());
-//				if (listOfVDAs.containsKey(el.getKey()))					
-//					return listOfVDAs.get(el.getKey());
-//				
-//				else
-//					Logger.info("No VDA endPoint with Id: " + el.getKey());
-//				
-//			} else
-//				Logger.trace("SP list: " + el.getKey() + " does not contain OAIdentifier: " + oaConfig.getPublicURLPrefix());
-//			
-//		}
-
 		//selection based on request Header
 		String sl20VDATypeHeader = (String)  executionContext.get(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE.toLowerCase());
 		if (MiscUtil.isNotEmpty(sl20VDATypeHeader)) {
-			String vdaURL = authConfig.getBasicMOAIDConfiguration(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST + sl20VDATypeHeader);
+			String vdaURL = endPointMap.get(sl20VDATypeHeader);
 			if (MiscUtil.isNotEmpty(vdaURL))
 				return vdaURL.trim();
 			
@@ -235,7 +229,8 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
 		}
 		
 		Logger.info("NO SP specific VDA endpoint found. Use default VDA");
-		return authConfig.getBasicMOAIDConfiguration(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT);
+		return endPointMap.getOrDefault(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT,
+				Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID + Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT);
 		
 	}
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2018-06-25 13:22:20 +0200
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2018-06-25 13:22:20 +0200
commit	30e324851d67bd900471457e3c30a19b4073ec77 (patch)
tree	26dc86ca4bee05522dd2eff7ea5dfcbe626d68af /id
parent	55f71502a0b62624d5ebc0e4aa749b3f5d5a0bf2 (diff)
download	moa-id-spss-30e324851d67bd900471457e3c30a19b4073ec77.tar.gz moa-id-spss-30e324851d67bd900471457e3c30a19b4073ec77.tar.bz2 moa-id-spss-30e324851d67bd900471457e3c30a19b4073ec77.zip